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•  Do  I  need  an  $800  IP  phone? 

•  Will  SIP  ever  be  ready  for  the  desktop? 

•  How  do  I  run  my  business  on  Skype?  Page  22. 


As  the  spam  changes 

Image  spam  is  on  the  decline,  but  PDF-based 
spam  is  coming  on.  Page  16 


Microsoft  talks 
software  services 

m 

future  of  Microsoft's 
software  services. 

Page  12. 


Company 
CEO  Steve 
Ballmer  lays 
out  the 
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Dual  mode 
to  spur  VoIP 
on  WLANs 


The  7  Wonders  of 
the  Internet 

Never  mind  architec¬ 
ture;  check  out  “The 
7  Wonders  of  the 
Internet”  —  a 
Buzzblog  community 
effort.  Page  20. 


BY  TIM  GREENE 

Avaya  plans  to  team  up  today 
with  Nokia  to  support  dual¬ 
mode  Wi-Fi-cellular  phones  as 
the  race  to  link  cell  phones  with 
corporate  VoIP  systems  heats  up. 

SPECIAL@F0CUS 

Specifically  the  companies  are 
announcing  that  the  combina¬ 
tion  of  Avaya’s  one-X  Mobile 
Dual  Mode  Edition  software  on 
Nokia  Eseries  phones  and  Avaya 
Communications  Manager  IP 
PBXs  will  let  users  make  and 
receive  corporate  phone  calls 
on  the  mobile  devices.  The  soft¬ 
ware  to  upgrade  the  phones  is 
available. 

See  Wireless  VoIP  page  18 


PKI  pizazz 

Illinois  has  issued 
over  107,000  digital 
certificates  on  behalf 
of  state  agencies, 
universities  and  law 
enforcement. 

Page  24. 

Emoticon 
turning  25 

Scott 
Fahlman  is 
the  guy  you  want  to 
thank  :-)  or  blame  :-( 


Dual-mode  rising 

How  do  users  access 
voice  services  on 
WLANs? 


|  Dual  mode 
Single  mode 
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Extreme  makeover  shifts 
from  acquisition  to 
executiorkphase.  PAGE  32 


Kenneth  Deans,  CIO  of  Bassett 
Healthcare,  is  bullish  on  EMC,  but 
Industry  watchers  say  the  jury  is 
still  out  on  whether  the  company 
can  deliver  on  its  grand  vision  of 
information  management 


EMC  is  set  to  refresh  its  storage  system  families  this  week.  Page  10 


ELIZABETH  WEINBERG 


Sniping  intensifies  over 
document  formatting 

Microsoft,  Massachusetts  at  center  of  debate 


BY  JOHN  FONTANA 

With  less  than  a  week  remaining  to 
collect  comments  on  a  plan  to  adopt 
Ecma  International’s  Open  XML  stan¬ 
dard,  the  commonwealth  of  Massa¬ 
chusetts  is  mum  on  how  the  issue  is 
faring,  but  some  who  disagree  with  the 
action  already  are  voicing  their  opin¬ 
ion  publicly. 

Andy  Updegrove,  a  lawyer,  a  board 
member  of  the  Linux  Foundation  and 
a  Massachusetts  resident,  is  stirring  up 
controversy  with  comments  he  submit¬ 


ted  to  the  Massachusetts  Information 
Technology  Department  (ITD)  that 
oppose  the  Open  XML  initiative. 

“Microsoft  is  hardly  to  be  blamed  for 
lending  no  support  to  the  success  of 
the  Open  Document  Format  (ODF). 
But  neither  should  it  be  rewarded  for 
launching  a  competing,  self-serving 
standard  as  a  next-best  defense 
against  erosion  of  its  dominant  posi¬ 
tion,”  he  wrote  in  comments  submitted 
to  the  ITD. 

See  Turbolinux,  page  14 
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Clean  machine 

Thanks  for  the  information  on  CCleaner 
(www.nwdocfinder.com/9521).  I  downloaded 
it  after  reading  Mark  Gibbs’  column  and  ran  it 
on  my  Windows  XP  laptop.  The  free  space  on 
my  C  drive  was  8.3GB  at  the  start  of  the 
process.  After  I  let  CCleaner  flush  everything, 
the  free  space  was  16GB! 

Jerry  Gauthier 
Sandwich,  Mass. 


**We  as  a  society  have  lost 
all  reason  when  it  comes  to 
personal  free  time  and  the 
emphasis  on  instant  or  near¬ 
instant  response  and  deci¬ 
sion  making.55 


Light  at  the  end  of  the  tunnel 

In  reference  to  Mark  Gibbs’  column 
“Appalled  by  things  legal”  (www.nwdocfind 
er.com/9522),  thanks  for  highlighting  this 
unintended  consequence  of  security  legisla¬ 
tion.!  wonder  whether  we  will  soon  be  subject 
to  power-theft  suits  for  plugging  laptops  or  cell 
phone  chargers  into  the  very  few  available 
power  outlets  in  airport  lounges. 

What  is  alleged  to  have  been  stolen  in  the 
case  of  Sam  Peterson,  who  was  charged  with 
“stealing”  free  Wi-Fi  (www.nwdocfinder.com 
/9523 )?  It  is  not  property  and  it  is  not  intellec¬ 
tual  property  I  guess  it  is  utility,  in  the  sense 
that  he  competes  for  the  available  bandwidth 
and  reduces  the  utility  of  the  network.  What 
would  happen  if  a  neighboring  business  put 
in  a  Draft  N  network  with  an  edge  router  that 
extended  the  range  of  the  cafe’s  network  in 
distance  and  functionality?  If  it  increased  the 
utility  of  the  network  in  another  dimension, 
would  it  be  theft? 

Your  analogy  of  the  porch  light  reminds  me 
of  someone  who  lived  a  mile  away  from  a 
place  where  I  used  to  work.  He  complained  to 
the  company  about  light  pollution  from  the 
building  at  night.  Light  spilled  from  a  building 
might  be  seen  as  a  resource  or  pollution, 
depending  on  your  point  of  view.  It’s  a  bit  like 
the  definition  of  a  weed  —  a  plant  growing  in 
the  wrong  place. 

Peter  Quirk 
Hopkinton,  Mass. 


Tune  out,  turn  off  cell  phones 

Mark  Gibbs’ column  about  green  initiatives 
and  the  bees’  Colony  Collapse  Disorder 
(www.nwdocfinder.com/9524)  finishes  with 
this  sentence:  “Let’s  just  hope  that  cell 
phones  aren’t  the  cause  of  Colony  Collapse 
Disorder,  because  switching  them  off  could 
turn  out  to  be  one  of  the  biggest  business 
challenges  we  ever  face.” 

Yes,  it  would  be  a  big  disrupter,  but  maybe  for 
the  better.  I  think  we  as  a  society  have  lost  all 
reason  when  it  comes  to  personal  free  time 
and  the  emphasis  on  instant  or  near-instant 
response  and  decision  making.  Why  does 
everybody  have  to  be  available  24/7?  Wouldn’t 
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some  decisions  be  better  if  a  little  more  time 
was  spent  in  contemplation  and  review? 
(Think  —  some  merger  decisions  before  the 
“Internet  bubble”  and  since.) 

Don’t  get  me  wrong,  1  think  all  of  the 
advances  in  communications  have  been  for 
the  better.  It’s  the  application  of  those  advances 
that  worry  me.  I’ve  worked  in  IT  since  1965  and 
have  also  owned  and  operated  a  network- 
integration  company  We  covered  emergencies 
by  assigning  and  scheduling  personnel  to  be 
on  call  —  not  the  whole  team,  just  one  or  two 
people  who  carry  a  beeper  or  cell  phone. 
(Both  salaried  and  hourly  personnel  can  be 
compensated  for  the  inconvenience  of  being 
on  call  and  receive  additional  compensation  if 
they  have  to  respond  to  a  call.)  The  boss  didn’t 
call  you  at  home  just  to  get  an  opinion  or  ask  a 
question. Those  could  wait  until  the  next  day 

Some  people  rudely  interrupted  even  before 
cell  phones  and  the  like.  In  the  ’70s, one  of  my 
co-workers  would  call  me,  and  if  I  didn’t 
answer  the  phone  because  I  was  in  a  meeting, 
for  instance,  he  would  come  to  my  office  and 
stand  in  the  door  until  I  responded.  I  had  to 
start  ignoring  him  until  the  end  of  the  meeting 
before  he  finally  figured  out  how  rude  he  was. 

Tom  Sawyer 
Springville,  Utah 

E-mail  letters  to  jdix@nww.com  or  send  them  to 
John  Dix,  editor  in  chief,  Network  World,  118 
Turnpike  Road,  Southborough,  MA  01 772.  Please 
include  phone  number  and  address  for  verification. 

READERS  RESPOND  Find  out  what 
readers  are  saving  about  these  and  other 
topics,  www.nwdocfinder.com/1030 
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Cisco  software  vulnerable 

Cisco  last  week  identified  vulnerabilities  in  its  Unified  Communications  Man¬ 
ager  IP-telephony  software  —  formerly  CallManager  —  that  could  allow  a 
denial-of-service  attack  or  the  execution  of  arbitrary  code.  UCM  contains 
two  overflow  conditions  that  could  let  a  remote  or  unauthenticated  user  initiate 
a  DoS  condition  or  launch  inadvertent  programs.  A  workaround  exists  for  one  of 
the  vulnerabilities,  Cisco  says  in  an  advisory  on  its  Web  site.  The  first  overflow 
condition  affects  the  product’s  Certificate  Trust  List  Provider  service.  CTL  Provider 
listens  on  TCP  Port  2444  by  default,  but  the  port  is  user  configurable.The  second 
overflow  condition  affects  UCM’s  Real-Time  Information  Server  Data  Collector 
service.  RIS  Data  Collector  listens  on  TCP  Port  2556  by  default,  but  the  port  is  user 
configurable,  www.nwdocfinder.com/9566 


Capellas  to  take  reins  at  First  Data. 

Michael  Capellas,  formerly  CEO  of  MCI  and 
then  Compaq,  is  making  a  comeback  as  the 
CEO-apparent  to  e-commerce  and  payment 
firm  First  Data.  First  Data  is  being  bought  by 
an  affiliate  of  Kohlberg 
Kravis  Roberts  &  Co.,  and 
Capellas  will  take  over 
after  the  deal  closes  later 
this  year.  Meanwhile,  Ca¬ 
pellas  will  be  coming  up 
to  speed  by  working  with 
management  teams  from 
KKR  and  First  Data. 
Capellas  will  succeed  Henry  “Ric”Duques, 
who  has  been  chairman  and  CEO  of  First 
Data  since  November  2005.  Previously  he  was 
chairman  from  1989  to  2003  and  CEO  from 
1989  to  2002.  Duques  was  brought  back  to 
lead  the  company  in  2005,  with  the  under¬ 
standing  that  he  would  retire  within  two 
years.  Capellas  led  MCI  out  of  bankruptcy 
through  its  acquisition  by  Verizon  last  year. 
While  CEO  at  Compaq  from  2000  to  2002, 
Capellas  negotiated  the  sale  of  the  company 
to  HPthen  served  as  president  of  HP 
www.nwdocfinder.com/9567 


VeriSign  restates  earnings.  VeriSign  CFO 
Dana  Evan  resigned  last  week  and  the  com¬ 
pany  has  restated  its  earnings  from  2002  to 
2005,  declaring  an  additional  $160.3  million 
in  expenses  for  stock-option  compensation. 
Bert  Clement,  formerly  VeriSign’s  senior  vice 
president  for  finance  and  controller,  has 
been  named  the  new  CFO.  The  change  is 
the  company’s  second  executive  resignation 


in  three  months.  In  late  May,  CEO  Stratton 
Sclavos  stepped  down  and  was  replaced  by 
William  Roper  Jr. The  financial  restatement 
is  the  result  of  stock  options  having  been 
granted  irregularly,  with  incorrect  dates, 
without  required  documentation,  or  with 
issue  dates  and  strike  prices  that  had  been 
altered,  the  company  said.  An  independent 
investigation  found  no  intentional  wrong¬ 
doing  by  Sclavos  or  Evan. 
www.nwdocfinder.com/9568 

Oracle  to  release  46  patches. 

Oracle  will  release  46  patches  on  Tuesday 
for  products  that  include  its  Oracle 
Database  lOg,  Application  Server  and 
E-Business  Suite.  Oracle  Database  will  get 
20  fixes,  two  of  which  address  vulnerabili¬ 
ties  that  could  allow  remote  execution  of 
code  on  the  network  without  authentica¬ 
tion. The  most  serious  of  the  database  vul¬ 
nerabilities  is  ranked  medium  in  severity, 
according  to  the  Common  Vulnerability 
Scoring  System.The  E-Business  Suite  will  get 
14  patches,  also  for  vulnerabilities  that 
could  be  exploited  over  a  network  without 
a  user  name  and  password. Three  of  the 
four  patches  for  Application  Server  fix  prob¬ 
lems  that  also  could  be  exploited  remotely. 
The  remaining  patches  are  for  Oracle’s 
Collaboration  Suite,  PeopleSoft  Enterprise 
PeopleTools,  PeopleSoft  Enterprise 
Customer  Relationship  Management  and 
PeopleSoft  Enterprise  Human  Capital 
Management.  (See  related  story  about 
Oracle’s  1 1  g  database,  page  12.) 
www.nwdocfinder.com/9569 
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Spotlight  KgACH 

Movie  club  sees 
stolen-info  horror 
show.  An  undis¬ 
closed  number  of 
Disney  Movie  Club 
members  have 
received  letters 
informing  them  that  their  credit  card 
information  was  sold  by  an  employee  of 
a  Disney  contractor  to  a  federal  agent  as 
part  of  an  undercover  sting  operation, 
Network  World's  Buzzblog  author  Paul 
McNamara  has  learned.The  sting  oc¬ 
curred  sometime  in  May,  while  the  letter 
—  a  copy  of  which  was  forwarded  to 
Buzzblog  by  the  security  Web  site  attri- 
tion.org  —  is  dated  July  6.  Disney  insists 
earlier  notification  was  not  possible 
because  of  the  dictates  of  an  ongoing 
criminal  investigation,  and  cites  the 
same  reason  for  declining  to  release 
details  of  the  episode.  A  third-party  con¬ 
tractor,  Alta  Resources,  is  taking  the  rap. 
www.nwdocfinder.com/9562 

Wrong  guy’s  data  exposed. 

Receiving  one  of  those  “sorry  about 
that”  letters  was  Herve  Roggero,  man¬ 
aging  partner  with  database  security 
company  Pyn  Logic.  "The  first  thing  that 
came  to  my  mind  was  ‘Oh,  no. . .  .That’s 
the  real  thing — 'lam  used  to  seeing 
these  letters  since  I  am  in  the  security 
business,  but  this  is  my  first  direct 
exposure,”  he  said.  What  an  interesting 
thought ...  a  database  security  expert’s 
credit  card  at  risk  caused  by  poor  third- 
party  data  security  practices.  Funny  and 
sad  at  the  same  time. 
www.nwdocfinder.com/9564 

Another  victim’s  tale. The  letter  says 
there’s  no  evidence  that  the  compro¬ 
mised  numbers  have  been  misused.  One 
Buzzblog  reader  disagrees:  “We 
received  one  of  these  notices  yesterday. 

. . .  About  two  or  three  months  ago,  we 
got  word  from  Discover  that  an  $8,000 
charge  had  been  made  against  our  card. 

. .  .Then  we  received  the  Disney/Alta 
letter.  I  thought:  What  Discover  number? 
The  old  or  the  new  number?  So  I  called 
and  spoke  with  a  supervisor.They  finally 
admitted  it  was  our  new  Discover  num¬ 
ber.  ...  In  the  17  years  we've  had  our 
Discover  card,  we  never  had  a  security 
issue.Then,  in  the  space  of  two  or  three 
months,  we  had  these  two  fraud  events.  I 
believe  they  are  related.” 
www.nwdocfinder.com/9565 
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_DAY  68:  Our  IT  environment  is  completely  rigid!  We 
can’t  align  IT  to  meet  the  larger  business  needs.  I  told 
Gil  we  need  an  SOA  so  we  can  be  proactive  for  once. 


_Gil  brought  in  contractors  and  made  the  entire  office 
“modular”  and  “flexible.”  Gil,  I  am  not  a  hamster. 


_DAY  70:  This  should  free  us  up:  IBM  SOA  solutions  built 
with  IBM  WebSphere?  Now  we  have  the  hardware,  software 
and  services  for  a  flexible  IT  infrastructure.  IBM 
has  helped  3,600  companies  implement  an  SOA.  And  getting 
started  was  easy.  Now  our  business  is  built  for  change. 

_I  don’t  have  to  crawl  with  my  coffee  anymore.  It’s  great. 


iD.iu'vi  n»/yy,  anu  law  uo 

©2007  IBM  Corporation.  AHrights  reserved: 
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COOL  TOOLS: 


VIDEO: 


RIM  throws  a  sharp 
Curve 

Program  Director  Keith 
Shaw  checks  out  the 
BlackBerry  Curve, 
which  should  make 
companies  happy  that 
want  a  digital  camera 
on  their  e-mail  device. 
www.nwdocfinder.com/9559 


Inside  NAC  testing 

Get  a  detailed  look  at 
how  engineers  are 
making  NAC  systems 
compatible. 

www.nwdocfinder.com/9560 


IT  spending  grows  - 
whoo-hoo! 

Multimedia  Editors 
Jason  Meserve  and 
Shaw  discuss  Google’s 
Postini  purchase  and  IT 
spending  more  on  net¬ 
work  gear,  and  try  to 
design  their  own  avatars 
for  the  Simpsons  movie. 
www.nwdocfinder.com/9561 


BEST  OF  NW’S 

NEWSLETTERS 


Nortel  shares  wireless  strategy 

Plus:  Wikis  can  improve  the  utility  of  e-mail 


DEXPQAV  from  our 

I  LLiiuMT  ONLINE  FORUMS 


■  Call  it  asset  recovery.  Connie Twynham 
notes  the  increasing  retirement  of  baby 
boomers  from  the  IT  workforce  and  says 
managers  need  to  figure  out  how  to  retain 
their  knowledge  when  they  leave.  "It  also 
sounds  like  IT  managers  need  to  begin  to 
harvest  the  intellectual  property  that  is  on 
hard  drives  and  in  heads  before  it  retires  out 
the  door.  Too  often  critical  information  is 
only  known  by  a  selected  few  and  not  acces¬ 
sible  to  the  'new  guy.’  Where  is  your  infra¬ 
structure  documentation  kept?” 
www.nwdocfinder.com/9550 

■  Attack  of  the  botnets.  Some  users  say 
they  are  getting  tired  of  scare  tactics  by 
vendors  trying  to  sell  them  antibotnet  wares 
—  especially  if  they're  smaller  shops.  Indy 

writes  it's  really  a 
question  of  good 
basic  security:  “We 
can’t  even  have  zom¬ 
bies  without  massive 
alarms,  either  the 
IDS,  proxy  server 
would  get  them,  or 
the  firewall  would 
through  up  alarms  through  use  of  unsup¬ 
ported  ports.” 

www.nwdocfinder.com/9551 

■  What’s  slowing  down  IPv6?  Simon 
Hackett  writes:  “As  an  ISP,  the  major  barrier 
I  see  to  being  able  to  promote  end-to-end 
IPv6  to  our  customers  is  the  current  almost 
total  lack  of  native  IPv6  support  in  consumer 
CPE  (in  our  geographic  market,  ADSL  CPE, 
but  broadband  CPE  in  general).  Sure,  my 
Macs  all  support  IPv6  natively.  Sure,  my  in¬ 
ternational-extent  Cisco  Powered  Network 
consists  entirely  of  routers  that  can  run 
native  IPv6  too.  But  in  between  them  are 
ADSL  customer  routers  that  only  speak 
IPv4.”  www.nwdocfinder.com/9552 

■  Bidi  bidi  bidi.  Eric  Piehl  is  a  fan  ofTWiki,  a 
Perl-based  Wiki:  “Within  two  weeks  of  joining 
the  group,  and  already  have  important  infor¬ 
mation  splattered  across  a  dozen  e-mails  of 
the  hundred  or  so,  I  started  harvesting  the 
information  and  made  myself  a  list.  Pretty 
soon  I  found  out  about TWiki,  and  moved  the 

information  there _ I  published  it  for  others. 

Then  had  to  develop  a  way  to  publish  it  for 
other  team  members  in  four .  .  .  states  and 
one  other  continent. 
www.nwdocfinder.com/9553 

■  Know  anything  about  Liferay?  A  user 
seeks  some  advice  on  setting  up  this  Java 
portal  application. 

www.nwdocfinder.com/9554 


IT  careers  &  training:  Alcatel-Lucent 
launched  what  it  claims  to  be  the  industry’s 
first  service  routing-certification  program  for 
IP  professionals  in  the  service-provider  mar- 
ket.The  program  aims  to  teach  candidates  the 
skills  and  competencies  required  to  design, 
deploy  troubleshoot,  and  maintain  fixed  and 
mobile  networks  for  next-generation  services, 
such  as  triple-play  IPTV VPN.VolP  over  carrier 
networks,  and  video-on-demand. The  equip¬ 
ment  provider  says  the  current  crop  of 
advanced-networking  certifications,  such  as 
Ciscos  CC1E  and  the  Juniper  equivalent,  is 
focused  at  the  IP-protocol  level.  Alcatel- 
Lucent’s  program  teaches  students  how  to 
design,  configure  and  validate  services  on  top 
of  the  network.  Much  of  the  focus  will  be  to 
understand  the  relationship  between  services 
and  the  underlying  protocol,  according  to  the 
company  www.nwdocflnder.com/9556 

Network/systems  management:  When 
it  comes  to  network  latency  nobody  cares 
more  than  the  financial-services  industry 
because  even  the  tiniest  slowdown  in  net¬ 
work  performance  can  translate  into  mil¬ 
lions  of  dollars  in  lost  revenue. That’s  why  it’s 
a  big  deal  when  a  leading  stock  exchange 
chooses  a  service  provider  for  its  network. 


The  London  Stock  Exchange’s  300-plus  cor¬ 
porate  customers  can  choose  to  access  its 
Infolect  real-time  trading  and  share  pricing 
information  directly  through  its  own  IP  net¬ 
work  or  through  an  approved  service 
provider,  such  asYipes. 
www.nwdocfinder.com/9557 

Unified  communications:  E-mail  is  a  fan¬ 
tastically  useful  tool  for  many  applications, 
but  project  management  using  e-mail  as  the 
primary  communications  vehicle  could  use 
improvement.  Deficiencies  of  e-mail  for 
managing  projects  include  the  fact  that  only 
specified  recipients  are  on  the  distribution 
list  for  updates,  and  lots  of  ‘spammy’  mes¬ 
sages  are  sent  (for  example,  the  ‘Thanks!’ 
messages  that  are  often  sent  via  reply  all  in 
response  to  delivery  of  a  draft  document  or 
other  message).  A  better  way  to  communi¬ 
cate  is  through  the  use  of  a  wiki,  a  permis- 
sions-based  Web  page  or  Web  site  that  lets 
users  add  various  types  of  content,  modify 
existing  content,  add  Web  links  and  perform 
other  tasks.  Wikis  make  it  easier  for  groups 
to  collaborate  on  projects  and  other  work 
by  improving  the  efficiency  of  communica¬ 
tions  between  members  of  the  group. 
www.nwdocflnder.com/9558 


8  •  JULY  16,  2007  •  www.networkworld.com 


.INFRASTRUCTURE  LOG 


\\ 

% 

S 


1 


_DAY  25:  Our  ad  hoc  security  solutions  are  not  enough.  We 
can’t  handle  new  threats.  We’re  always  playing  catch-up. 
We’re  leaving  ourselves  vulnerable  and  exposed. 


.Gil’s  had  a  security  epiphany:  high-powered  lasers. 
They’re  everywhere.  I  keep  zapping  myself  as  I  type. 

.DAY  26:  I’m  taking  back  control  with  a  security 
solution  from  IBM.  Their  security  service  experts  can 
help  us  assess  our  needs.  IBM  Tivoli®  helps  us  monitor 
and  respond  to  threats  while  managing  access  to  our 
information.  And  the  IBM  System  z™’s  encryption  and 
multilevel  security  features  are  legendary. 
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NEWS  ANALYSIS 

EMC  upgrades  garner 
praise  on  ‘green’  benefits 


BY  DENI  CONNOR 

Greater  capacity  greener  results:  That  combi¬ 
nation  of  benefits  stands  as  the  core  of  a  bat¬ 
tery  of  major  product  upgrades  coming  from 
EMC  this  week,  according  to  industry  experts. 

In  a  Webcast  today,  the  company  is  expect¬ 
ed  to  introduce  a  high-end  Symmetrix  DMX- 
4  storage  system,  as  well  as  enhancements 
to  its  midrange  Clariion  array,  Celerra  net- 
work-attached  storage  (NAS)  box  and  con¬ 
tent-addressable  Centera  storage  system. The 
higher-capacity  drives  being  added  to  most 
of  its  systems  are  expected  to  consume  25% 
less  power,  according  to  EMC’s  estimates. 
The  company  also  is  adding  security  and 
availability  features. 

“A  lot  of  the  new  features  are  related  to 
power  and  cooling,”  says  Stephanie  Balouras, 
senior  analyst  with  Forrester  Research.“EMC  is 
laying  the  foundation  for  a  pretty  strong  cam¬ 
paign  on  green  IT  and  how  they  can  gain  effi¬ 
ciencies  in  the  data  center” 

Greg  Schulz,  senior  analyst  for  StoragelO, 
says,  “EMC  is  refreshing,  enhancing  and 
increasing  both  the  scale-up/scale-down  and 
scale-out  capabilities  of  their  systems.There  is 
more  meat  on  the  bone  than  other  vendors 
who  have  announced  upgrades  recently’ 

The  company  last  introduced  new  Sym¬ 
metrix  gear  1 7  months  ago,  systems  that  used 
500GB  drives  and  had  a  maximum  capacity  of 
more  than  a  petabyte.  Hitachi,  by  contrast,  last 
upgraded  its  Universal  Storage  Platform  in 
May  one  year  after  it  upgraded  its  perform¬ 
ance  and  added  availability  enhancements.  In 
June,  HP  announced  green  features  for  its 
Enterprise  Virtual  Array,  such  as  low-cost  and 
slower  Fibre  Advanced  Technology  Attach¬ 
ment  (ATA)  drives. 

Specifically,  EMC  is  set  to  announce  a  DMX-4 
array  with  end-to-end  4Gbps  Fibre  Channel 
connectivity.  The  new  DMX-4  also  lets  cus¬ 
tomers  intermix  Fibre  Channel  and  Serial  ATA 
drives,  and  use  increased-capacity  750GB  dri¬ 
ves  that  will  lower  power  consumption  by  as 
much  as  25%.  Performance  in  the  replication 
of  data  between  arrays  also  will  be  increased, 
sources  say  As  promised  in  February  at  the 
RSA  Conference,  EMC  also  will  integrate  secu¬ 
rity  features  from  its  RSA  division  more  tightly 
into  the  DMX^l. 

The  Clariion  line  of  midrange  storage 
arrays  will  see  performance  enhancements 
and  now  support  RAID  6,  which  sometimes 
is  called  “double  parity”  In  RAID  6,  if  two  disk 
drives  fail  within  a  single  RAID  group,  data 
can  be  rebuilt.  RAID  6  support  for  the 
Symmetrix  was  announced  earlier  this  year. 
Like  the  DMX-4,  the  Ciariions  will  be  inte¬ 
grated  more  tightly  with  security  capabilities 


Making  storage  green 

By  using  higher-capacity  disk 
drives,  customers  can  deploy 
fewer  drives  and  hence,  consume 
less  power. 


Vendor 

Storage 

system 

Drive  Type 

EMC 

Symmetrix 

DMX-4 

750GB  Fibre 
Channel 

HP 

Enterprise 
Virtual  Array 

500GB  Fibre 
ATA 

IBM 

System 

Storage 

DS8000 

500GB  Fibre 
ATA 

Hitachi 

Universal 

Storage 

Platform 

500GB  Fibre 
Channel 

from  RSA. 

As  for  the  Celerra  NAS  array  the  capability 
to  add  block-level,  storage-area  networking 
support  will  be  added  but  won’t  require  a 
separate  NAS  gateway.  The  Celerra  also  will 
support  thin  provisioning  and,  according  to 
sources,  will  be  able  to  be  set  up  in  less  than 
15  minutes.  In  thin  provisioning,  a  single  pool 
of  storage  can  be  allocated  virtually  to  appli¬ 
cations  and  storage  capacity  can  be  oversub¬ 
scribed  to  improve  utilization.  A  single-con¬ 
troller-node  Celerra  also  will  be  introduced 
—  this  array  the  NS20,  can  be  upgraded  as 
needs  require,  to  the  level  of  the  present  dual¬ 
controller  NS40,  which  supports  as  much  as 
32TB  of  capacity. 

Finally  the  Centera  will  include  750GB  drives 
and  be  backward-compatible  with  previous 
Centera  versions.  EMC  is  also  promoting  sever¬ 
al  energy-efficient  features  of  the  Centera,  such 
as  drives  that  consume  25%  less  power.  Like  the 
DMX-4  and  new  Ciariions,  the  refreshed 
Centera  will  include  RSA  security  features. 

With  the  expanded  product  line,  EMC  con¬ 
tinues  to  bolster  its  hardware  platform.  The 
company  maintained  its  lead  in  external  disk 
systems  with  almost  a  25%  market  share  in 
2006,  according  to  Gartner.  IBM  followed  EMC 
with  15.8%  of  the  market. 

Almost  half  of  EMC’s  revenue  is  derived 
from  its  storage  systems.  In  the  first  quarter  of 
2006,  systems  revenue  represented  44%  of 
total  revenue,  software  licenses  and  mainte¬ 
nance  revenue  represented  40%,  and  profes¬ 
sional  services  and  systems  revenue  account¬ 
ed  for  16%  of  total  revenue.  ■ 


InBrief 


Agency  is  just  warming  up, 

FBI  warns  spammers 

U.S.  Internet  users  will  see  a  growing 
number  of  legal  actions  against  spammers 
and  operators  of  botnets,  said  FBI  special 
agent  J.  Keith  Mularski,  speaking  at  the 
FederalTrade  Commission’s  spam  summit. 
The  FBI  has  70  active  investigations  into 
spam-related  crimes. 

The  FBI  has  worked  with  the  National 
Cyber- Forensics  andTraining  Alliance,  a 
partnership  of  law  enforcement  agencies, 
universities  and  private  businesses,  to 
identify  spammers,  he  said. The  NCFTA, 
launched  in  2002,  has  identified  more  than 
100  “significant  spammers,”  including  five 
tied  to  traditional  organized  crime, 
Mularski  said. 

Survey:  Gable  companies  best 
telcos  in  satisfying  customers 

Cable  companies  lead  the  customer  satis¬ 
faction  rankings  for  telephone  service  in 
six  U.S.  regions  for  the  first  time,  says 
J.D.  Power  and  Associates.  According  to 
the  firm’s  study  released  last  week,  cable 
companies  offering  bundled-service  pack¬ 
ages  are  proving  to  be  tough  competition 
for  traditional  telephone  providers. The 
study  finds  that  86%  of  cable-based  voice 
subscribers  also  subscribe  to  data  ser¬ 
vices  from  the  same  provider —  an 
increase  from  71%  in  2006.  Conversely, 

36%  of  telecom-based  voice  subscribers 
also  use  their  provider  to  fulfill  their  data 
needs,  which  is  an  increase  of  7%  com¬ 
pared  to  2006. 

Apple  fixes  serious  flaws 
in  QuickTime  media  player 

Apple  has  patched  a  number  of  critical 
flaws  in  its  QuickTime  media  player.  With 
the  7.2  update,  users  now  can  view  videos 
on  the  full  screen  with  the  QuickTime 
player,  but  the  software  also  contains  a 
number  of  critical  security  fixes.  In  total, 
Apple  has  addressed  eight  security  vul¬ 
nerabilities  with  the  release,  which  was 
made  public  last  week.  Four  flaws  are  the 
result  of  memory-corruption  or  integer- 
overflow  bugs  that  could  cause  the  viewer 
to  crash  if  QuickTime  were  used  to  view 
maliciously  crafted  movies  or  files. 
Another  three  critical  flaws  relate  to 
design  issues  in  QuickTime  for  Java. 
Attackers  theoretically  could  exploit  these 
flaws  by  posting  malicious  Java  applets 
on  a  Web  site,  where  they  could  then  com¬ 
promise  a  victim’s  computer. 
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.DAY  74:  We’re  stuck  dealing  with  multiple  interfaces 
and  apps.  We  can’t  find  the  relevant  info  we  need. 

I  feel  like  it  takes  six  of  us  to  do  one  person’s  job. 

.Six  Gils?  They  better  not  all  have  to  sign  my  time  sheet. 

.DAY  76:  I’m  freeing  everyone  up  with  IBM  WebSphere® 
Portal.  It’s  the  fastest  and  easiest  way  to  integrate 
everything  for  seamless  access  to  our  info.  It  gives 
each  of  us  a  single,  customizable  interface.  And 
running  it  on  a  System  p™  with  virtualization  technology 
saves  us  time  and  energy. 

.Back  to  one  Gil.  There’s  so  much  less  of  him  to  love  now. 
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Ballmer  talks  software  and  services 


**This  is  a  long-term  migration  to  bring  the 
best  of  the  Web  together  with  the  best  of  the 
enterprise.55 

Steve  Ballmer 

CEO  of  Microsoft 


BY  JOHN  FONTANA 

DENVER  —  Microsoft  CEO  Steve  Ballmer 
said  traditional  enterprise  software  is  the  here 
and  now  but  partners  and  users  should  start 
preparing  for  a  world  that  will  meld  software 
and  services.  Ballmer  laid  out  a  road  map  for 
the  future,  not  only  for  Microsoft  but  for  all  of 
the  partners  that  build  software  on  top  of  the 
Windows  platform,  during  his  keynote  address 
at  the  company’s  annual  Worldwide  Partner 
Conference. 

He  said  traditional  software  will  continue  to 
generate  the  bulk  of  sales  revenue  but  that  a 
software-plus-services  world  is  not  far  behind. 

Ballmer  circulated  among  the  crowd  shaking 
hands  and  clapping  to  build  excitement.  He 
then  jogged  to  the  stage  where  he  huffed  and 
puffed  and  bellowed  the  virtues  of  the  8,000 
gathered  partners. 

His  message  was  for  everyone  to  get  on  the 
software-plus-services  bandwagon,  Microsoft’s 
version  of  the  software-as-a-service  trend  now 
dominating  industry  hype. 

In  terms  of  the  beginning  of  this  new  era, 
Ballmer  said  the  time  is  now. 


BY  CHINA  MARTENS,  IDG  NEWS  SERVICE 

Oracle  hopes  that  new  security  testing  and 
management  features  offered  in  Oracle 
Database  1  lg  will  lead  users  to  migrate  to  the 
major  release  sooner  rather  than  later. 

Unveiled  last  week  at  an  event  in  New  York, 
1  lg  is  Oracle’s  successor  to  the  lOg  releases  1 
and  2  of  its  database.  The  vendor  shipped  the 
first  release  of  lOg  in  February  2004. The  com¬ 
pany  has  worked  closely  with  customers  over 
the  course  of  a  lengthy  beta  testing  program, 
which  began  in  September,  and  some  of  those 
users  noted  that  it  had  been  hard  to  pin  Oracle 
down  on  a  launch  date  for  1  lg.  The  vendor 
only  publicly  committed  to  July  1 1  as  the  data¬ 
base’s  coming-out  party  just  over  a  month  ago. 

“Oracle  was  a  little  bit  more  cautious,  want¬ 
ing  to  make  sure  they  got  the  product  right,” 
said  Ari  Kaplan,  president  of  the  Independent 
Oracle  Users  Group  (IOUG),  which  was  heav¬ 
ily  involved  in  the  1  lg  beta-testing  program. 

IOUG  members  are  bullish  on  their  plans  to 
move  to  the  new  database.  A  recent  poll  of 
around  400  of  them  indicated  that  35%  of  re 
spondents  planned  to  upgrade  to  1  lg  within  a 
year  of  its  release,  with  an  additional  53%  look¬ 
ing  to  move  to  the  new  database  in  the  next 
few  years,  according  to  Kaplan.  This  is  an  im- 


“We  as  a  company  are  innovating,  writing 
new  software;  we  will  be  out  with  beta  and 
design  previews  and  we  will  be  looking  for 
feedback,”  he  said.“The  time  to  engage  is  now” 
Ballmer  said  the  future  will  include  ele¬ 
ments  of  today’s  technology  combined  with 
new  service  models.  “We  need  the  best  of  the 
desktop,  the  best  of  the  enterprise  and  the 
best  of  the  online  world,”  he  said. “We  need  to 
bring  together  rich  user  interfaces,  offline  and 
online  access,  and  what  I  call  personal  inte¬ 
gration  to  go  in  and  bring  things  together,  inte¬ 
grate  them, store  them  and  link  them  together 
in  unique  and  arbitrary  ways.” 


provement  on  previous  surveys  about  earlier 
Oracle  releases,  where  the  same  percentage 
looked  to  migrate  within  the  first  18  months 
following  a  new  version  of  the  database. 

Kaplan  was  interested  in  the  improved  inte¬ 
gration  of  1  lg  with  Oracle’s  Audit  Vault  and 
Database  Vault  software.  “There’s  a  key  flaw 
with  all  databases,”  he  said.  “If  they’re  smart,  a 
DBA  [database  administrator]  can  modify 
data  and  cover  their  tracks”  because  DBAs 
tend  to  have  unlimited  access  to  databases. 
The  technologies  in  Oracle’s  vaulting  software 
make  that  impossible  because  every  action  a 
DBA  executes  “goes  into  a  lockbox  that  they 
are  powerless  to  modify’  Kaplan  added. 

Wachovia  hopes  to  complete  its  internal  pro¬ 
cess  to  certify  1  lg  for  use  within  the  organiza¬ 
tion  by  year-end  and  then  to  have  its  migration 
efforts  well  underway  in  2008,  according  to  Ed 
Mulheren, senior  database  administrator  at  the 
financial  services  company 

He  says  the  improved  security  features  in  1  lg 
will  help  Wachovia  meet  the  regulatory 
demands  in  the  financial  services  market. 
Mulheren  also  welcomes  1  lg’s  support  of  case- 
sensitive  passwords. 

Arup  Nanda,  senior  director  of  database 

See  Oracle,  page  41 


Ballmer  said  a  good  example  today  is  Ex¬ 
change  and  Outlook. 

“Outlook  is  a  rich-client  app,”  he  said.  “Out¬ 
look  Web  Access  is  an  AJAX  app  that  looks 
exactly  the  same,  talks  to  the  same  back  end. 
Office  Outlook  Mobile  is  a  device  form  factor, 
and  Office  Outlook  voice  access  makes  this 
successful  even  vs.  the  telephone.  And  as  Ex¬ 
change  has  moved  out  to  live  in  a  hosted  form, 
it  is  moved  to  use  HTTP  protocols  and  is  per¬ 
haps  the  closest  model  we  have,  I  think,  to  what 
people  will  really  want  in  the  future. That  is  the 
user  interface  side.” 

Ballmer  demonstrated  Silverlight,  Microsoft’s 
new  platform  for  rich  Web-based  applications, 
and  said  the  back-end  computation  would  not 
be  done  on  corporate-deployed  infrastructure 
but  on  large-scale  services  in  the  future. 

“This  is  a  long-term  migration  to  bring  the 
best  of  the  Web  together  with  the  best  of  the 
enterprise,”  he  said. 

Ballmer  said  Microsoft  will  deliver  on  a  ser¬ 
vices  platform  the  same  sorts  of  capabilities  it 
delivers  today  in  packaged  software,  such  as 
Windows  Server  and  Active  Directory  He  said 
Microsoft  will  offer  personal  services  for  indi¬ 
viduals  such  as  Windows  Live  and  Office  Live, 
business  services,  such  as  today’s  hosted  Ex¬ 
change,  communications  and  collaboration 
services,  and  online  services,  such  as 
Dynamics  CRM. 

He  also  mentioned  the  unveiling  later  this 
year  of  Version  1  of  Windows  Live  Cloud  Infra¬ 
structure  services  and  said  partners  would  be 
called  on  to  help  resell  all  these  services.'This 
is  the  set  of  things  on  the  radars  he  said.  But  he 
added  that  partners  would  still  have  a  lot  of 
opportunity  in  the  short  run  to  sell  current  and 
upcoming  technology  such  as  Vista,  Office, 
Windows  Server  2008  and  SQL  Server  2008. 
“The  business  we  do  this  year  will  continue  to 
be  on  traditional  on-premises  software.” 

He  said  the  consumer  wave  of  services  adop¬ 
tion  is  now  underway  and  that  enterprise  are 
planning  and  testing  hosted  services. 

“Many  of  the  customers  that  I  talk  to  are  say¬ 
ing ‘I  am  going  with  the  new  Exchange, the  new 
ShareFbint,  the  new  Office,  but  I  am  going 
because  1  know  you  are  gong  to  move  those 
things  to  a  hosted  service  and  I  want  the  bene¬ 
fits’  Priority  No.  1  in  terms  of  our  long-term  out¬ 
look  is  this  transformation,”  Ballmer  said.  ■ 


Oracle  touts  security  tests 
as  draw  to  11g  database 
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For  you,  it’s  a  problem  you  didn’t  see 

For  your  business,  it’s  a  customer 
you  won’t  see  coming  back. 


You  can’t  anticipate  every  problem.  But  Emerson  Network  Power  and  its 
Liebert  power  and  cooling  technologies  can  help  you  create  an  IT  infrastructure 
that  is  ready  for  anything— unplanned  outages,  unpredictable  growth  or 
unexpected  technologies. 

One  example  is  the  Liebert  NX,  a  software-scalable  UPS  that  can  double  in 
capacity  without  adding  or  modifying  hardware.  Download  our  white  paper, 
Powering  Change  in  the  Data  Center,  and  discover  what  Liebert  technologies 
can  do  for  your  operating  flexibility,  at  flexibility.liebert.com. 


Liebert  flexibility 

Just  another  reason  why  Emerson  Network  Power  is  the  global  leader 
in  enabling  Business-Critical  Continuity"'' 


Emerson.  Business-Critical  Continuity  and  Liebert  are  trademarks  of  Emerson  Electric  Co.  or  one  of  its  affiliated  companies.  ©2007  Emerson  Electric  Co. 
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Open  document  efforts 

Massachusetts  is  leading  the  charge  for  adoption  of  the  Open  Document 
Format  (ODF)  and  on  July  2  tagged  a  proposal  to  its  electronic  documents 
policy  to  add  support  for  the  OpenXML  standard,  which  was  first  developed 
by  Microsoft  and  standardized  by  Ecma  International.  Open  document  efforts 
in  other  states  have  not  fared  as  well. 


State 

Status 

Massachusetts 

Working  under  limited  deployment  of  ODF;  Open  XML  open  to  public 
comment  until  July  20. 

California 

Stalled  in  committee. 

Connecticut 

Killed 

Florida 

Killed 

Minnesota 

Proposal  watered  down  to  mandate  state’s  IT  department  study  of 
open  document  issue. 

New  York 

Bill  passed  Assembly  and  amended  to  Senate  legislation  on 
production  and  preservation  of  electronic  documents. 

Oregon 

Killed 

Texas 

Killed 

Turbolinux 

continued  from  page  1 

Ecma’s  Open  XML  standard,  known  as  Ecma- 
376,  is  based  on  Microsoft’s  Open  XML,  which 
is  the  default  format  in  Office  2007.  Microsoft 
submitted  the  format  to  Ecma,  which  ap¬ 
proved  it  in  December. 

A  straitjacket  on  innovation 

Updegrove  said  the  level  of  detail  in  the 
6,039  pages  of  the  Ecma-376  specification  “will 
place  a  straitjacket  on  innovation,  restricting 
any  implementation  to  rigid  conformance.” 

“As  one  who  has  long  studied  and  promoted 
the  importance  of  open  standards,  I  urge 
[Massachusetts]  to  hold  the  marketplace  to  a 
higher  standard  and  to  refuse  to  include 
Ecma-376  on  its  approved  list.” 

Bethann  Pepoli,  acting  CIO  of  the  ITD,  said 
the  commonwealth  will  not  publish  any  cor¬ 
respondence  it  receives  during  the  public- 
comment  period,  which  ends  July  20,  until  af¬ 
ter  a  final  decision  on  adoption  is  made  at  the 
end  of  this  month. “We  have  received  about  50 
responses  so  far,  but  we  have  another  week 
left,”  she  said  during  a  July  12  interview.  Unlike 
Updegrove,  those  respondents  have  not  made 
their  comments  public. 

Pepoli  said  the  response  rate  is  not  heavier 
than  in  2005,  when  the  state  adopted  ODF  as 
an  open  format  and  received  nearly  160 
responses.  The  2005  campaign  sparked  a 
firestorm  of  debate  over  open  formats  that 


BY  CARA  GARRETSON 

Start-up  Yoomba  last  week  launched  its 
namesake  service  that  lets  e-mailers  place 
VoIP  calls  and  exchange  instant  messages. 

The  year-old  company  positions  its  free 
service  as  an  alternative  to  big  portals,  such 
as  AOL,  Google, Yahoo  and  MSN,  which  offer 
free  communications  services,  such  as  IM, 
but  only  to  registered  users  and  only  with 
other  registered  users,  says  Elad  Hemar, 
Yoomba  CEO. 

In  contrast,  Yoomba  operates  a  peer-to-peer 
service  that  lets  any  e-mail-address  owner 
place  a  VoIP  call  or  begin  an  IM  session  with 
any  other  email-address  owner,  whether  or 
not  the  recipient  also  is  a  Yoomba  user,  Hemar 
says.  Yoomba  offers  other  features,  such  as 
presence  —  letting  users  know  who  on  their 
contact  list  is  online  —  and  popularity  — 
resorting  contact  lists  so  those  most  often  con¬ 
tacted  rise  to  the  top. 

E-mailers  become  users  by  registering  at 
Yoomba’s  Web  site.  Unlike  other  services, 
Yoomba  doesn’t  require  registrants  to  set  up  a 
logon  and  password.  Instead,  they  enter  their  e- 
mail  address  and  the  registration  process  hap¬ 
pens  behind  the  scenes,  where  the  company’s 
server  links  that  e-mail  address  with  their  IP 


eventually  led  to  the  resignation  of  both  of  the 
ITD  CIOs  who  preceded  Pepoli. 

The  proposal  to  adopt  Open  XML  was  made 
July  2  as  part  of  Massachusetts’s  Enterprise 
Technical  Reference  Model  (ETRM)  4.0,  an 
architectural  framework  of  standards,  specifi¬ 
cations  and  technologies  that  support  Mass- 


address,  Hemar  explains. 

The  service  places  “call”  and  “chat”  buttons  in 
Outlook,  Outlook  Express  and  major  Web  mail 
interfaces  to  contact  people  on  the  user’s  con¬ 
tact  list. 

Using  a  user’s  existing  e-mail  contact  list 
avoids  what  Hemar  calls  the  “empty  refrigera¬ 
tor”  syndrome  (you  buy  a  new  refrigerator  and 
take  it  home,  but  it’s  useless  because  it’s 
empty).  Other  services  require  users  to  popu¬ 
late  new  contact  lists  with  other  users  who 
also  use  the  service.Yoomba  users  can  contact 
anyone  with  an  e-mail  address. 

With  other  services, “you  install  their  appli¬ 
cation,  you  register,  you  choose  a  password 
and  at  the  end  you  get  an  empty  application 
—  you  have  to  work  for  the  application.  With 
Yoomba,  it  works  for  you,”  Hemar  says. 

While  images  of  email  spammers  placing 
VoIP  calls  and  sending  IMs  quickly  come  to 
mind,  Hemar  says  the  company  is  using  the 
necessary  back-end  technology  to  prevent 
abuse.  “We  will  look  at  abnormal  usage  or  IP 
addresses  moving  around”  and  instantly  shut 
them  down,  he  says. 

Yoomba  plans  to  make  money  through  tar¬ 
geted  advertising  in  the  user’s  e-mail  interface, 
although  the  initial  version  has  no  ads.  ■ 


achusetts’  computing  environment. 

The  draft  listed  Ecma-376  as  one  of  its  major 
revisions. Today  ETRM  recognizes  only  ODF  as 
a  standard,  open  format. 

Enter  the  translators 

While  Massachusetts  is  working  through  its 
decision  on  Ecma-376,  Microsoft  said  last 
week  that  Turbolinux,  the  company  with  the 
leading  Linux  distribution  in  the  Asia-Pacific 
region,  would  help  develop  new  versions  of 
tools  to  translate  documents  between  ODF 
and  Office  2007  Open  XML. 

Turbolinux  distributes  a  version  of  Open- 
Office.org,  and  the  translator  will  add  read/- 
write  support  for  Open  XML. 

The  translator,  called  Open  XML  Translator 
1.0,  was  made  available  in  May  for  free  on 
SourceForge.net,  the  open  source  software- 
development  Web  site  where  the  first  proto¬ 
type  of  the  translator  was  posted  in  July  2006. 
The  tool  was  developed  under  the  open 
source  Berkeley  Software  Distribution  license. 

Linux  vendors  Novell,  Linspire  and  Xandros 
are  part  of  the  Open  XML  Translator  project. 
The  three  vendors  also  signed  a  cross-licensing 
patent  deal  with  Microsoft  before  the  June  29 
release  of  the  GNU  General  Public  License 
(GPL)  Version  3,  which  contains  provisions 
against  such  patent  deals. 

Turbolinux  was  rumored  to  be  considering 
signing  a  similar  deal  before  the  GPLv3 
release,  but  an  agreement  between  the  com¬ 
pany  and  Microsoft  never  materialized. 

Microsoft  also  said  that  more  than  1,150 
partners  from  50  countries  and  six  continents 
have  registered  support  for  Ecma-376. 

Two  weeks  ago,  Sun  released  the  first  ver¬ 
sion  of  its  own  ODF  translator  add-in  for 
Office.The  Sun  ODF  Plugin  works  with  Office 
2000,2003  and  XPB 


‘Call  my  e-mail,'  Yoomba  says 
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The  Linksys  Connected  Office 
Is  Open  for  Business! 


Linksys  Connected  Office  is  the  best  portfolio  of  industry-leading  products  and 
solutions  to  help  your  small  business  compete.  Start  or  expand  your  network 
with  affordable,  reliable  Business  Series  products  or  revolutionize  it  altogether 
with  Linksys  One,  the  integrated  data  and  voice  solution. 


To  learn  more  about  Linksys  Connected  Office  visit 

www.Hnksys.com/connectedoffice 
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Linksys  is  a  registered  trademark  or  trademark  of  Cisco  Systems,  Inc.  and/or  its  affiliates  in  the  U.S.and  certain  other  countries. 
Copyright  ©  2007  Cisco  Systems,  Inc.  All  rights  reserved. 
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Spammers  target  PDFs 


BY  CARA  GARRETSON 

Security  vendors  and  users 
agree  that  image  spam  is  finally 
on  the  decline,  but  at  the  same 
time  a  new  kind  of  spam  is  emerg¬ 
ing  that  uses  an  attached  PDF  file 
to  trick  recipients  into  buying 
stock  in  a  company 

Image  spam,  which  has  plagued 
antispam  filters  for  the  past  year,  is 
on  the  decline  as  e-mail  security 
vendors  have  tweaked  their  prod¬ 
ucts  to  block  it,  says  Paul  Henry 
vice  president  of  technology 
evangelism  with  Secure  Compu¬ 
ting.  Image  spam  has  long  fooled 
filters  because  the  message’s  text 
is  embedded  in  an  image  found 
in  an  e-mail’s  body  and  filters  until 
recently  couldn’t  decipher 
images.  At  the  beginning  of  July  it 
comprised  about  38%  of  all  spam 
and  is  now  down  to  about  half 
that  volume,  he  says. 

Stats  from  Symantec  also  show 
the  volume  of  image  spam,  which 
the  company  says  began  to 
decline  in  May  has  continued  to 
shrink  from  its  all-time  high  of  52% 
of  all  spam  sent  in  January 

“Image  spam  seems  to  be  de¬ 
creasing  .  .  .  Antispam  software, 
[real-time  black  lists]  and  other  fil¬ 
tering  techniques  have  done  a 
good  job  at  decreasing  the  previ¬ 
ous  spammers’  attempts;  it  is  now 
time  for  them  to  find  a  new 
avenue  to  annoy  us,”  says  Jim  De¬ 
Santis,  enterprise  messaging  archi¬ 
tect  with  Abhir  Technical 
Consulting. 

Beginning  to  take  image  spam’s 
place  is  PDF  spam,  in  which  the 
spammer  sends  an  e-mail  with  a 
PDF  attached  —  which  most 
spam  filters  can’t  read  —  that 
attempts  to  convince  the  recipient 
to  purchase  stocks.  So  far  security 
vendors  are  reporting  two  types:  a 
professional-looking  PDF  of  a 
newsletter  pumping  a  German 
company’s  stock  that  security 
company  IronPort  says  was  sent 
more  than  5  billion  times  in  its  first 
few  days;  and  a  more  rudimentary 
PDF  attachment  containing  text 
that  pumped  a  stock  that  Syman¬ 
tec  says  was  sent  to  more  than  30 
million  users  over  a  10-day  period 
in  late  June. 

So  far,  PDF  spam  isn’t  approach¬ 
ing  the  volumes  that  image  spam 
reached  —  Secure  Computing’s 
Henry  says  in  early  July  it  account- 
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An  example  of  a  PDF  attached  to  a  spam  message.  The  PDF 
is  designed  to  look  like  an  investor  newsletter,  attempting 
to  convince  the  recipient  to  buy  stock  in  this  German 
company. 


ed  for  about  4%  of  all  spam  sent 
—  yet  this  new  spam  trick  could 
prove  to  be  significantly  more 
malicious.  Henry  says  proof-of- 
concept  code  exists  that  demon¬ 
strates  security  vulnerabilities  in 
PDF  files,  which  means  PDF  spam 
could  carry  malware  that  is  secret¬ 
ly  downloaded  on  the  recipient’s 
PC.  Image  spam  was  only  danger¬ 
ous  to  those  recipients  who 
bought  the  stock  that  messages 
were  touting. 

“I  haven’t  seen  any  malware  yet 
in  PDF  spam,”  Henry  says. 

PDF  spam  does  hold  some 
potential  for  spammers  who  are 
advanced  enough  to  take  advan¬ 
tage  of  the  technology,  some  say 

“Simply  attaching  a  PDF  to  an  e- 
mail  and  randomizing  the  size 
and  name  of  the  title,  to  me,  does 
not  seem  all  that  impressive,  but  it 
seems  to  be  working,”  says  Kyle 


Ohme, director  of  technology  with 
W3i.com,  an  interactive  marketing 
services  provider. 

“I’m  interested  to  see  how  far 
this  will  go,  as  some  may  start  to 
use  some  of  the  more  advanced 
functions  of  Adobe  to  place  bea¬ 
cons  and  other  tracking  mecha¬ 
nisms  that  have  become  limited 
in  the  past  years,”  Ohme  says. 

Malware-laden  or  not,  PDF  spam 
is  an  example  of  how  spammers 
will  continue  to  innovate  in  order 
to  get  their  messages  across. 

“  The  tools  are  definitely  getting 
smarter ...  the  better  the  tools  the 
more  creative  spammers  will  be,” 
says  Sharon  Finney,  information 
security  administrator  with  De¬ 
kalb  Medical  Center  in  Decatur, 
Ga.“I  am  seeing  some  increases  in 
PDF  spam,  but  no  real  volume  yet. 
All  spam  is  a  nuisance  regardless 
of  the  technology  behind  it.”  ■ 
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Don’t  fall  for  conventional, 
cell-based  wireless  LAN 
systems  with  performance- 
related  problems  -  spec  the 
Belden  Wireless  Solution. 


Only  the  Belden  Wireless  LAN  offers 
Interference-free  performance,  with  no 
co-channel  interference,  no  roaming  latency 
problems  and  no  contention  between 
user  types,  devices  and  traffic.  It’s  also 
designed  to  be  a  plug-and-play  system: 
right  out  of  the  box  it’s  easy  to  plan, 
configure  and  manage...  without  the  need 
for  expensive  RF  site  surveys! 


What  else  makes  this  a  best-in-class  system? 
It’s  a  complete  Layer-2  edge  solution  -  so 
there’s  no  intrusion  on  the  core  network  - 
plus  it  consists  of  a  smart  Switch  and  “thin” 
radio  Access  Points,  so  no  RF  cell  planning 
is  needed  to  juggle  AP  performance.  To  gain 
capacity  -  and  a  guaranteed,  predictable 
data  rate  -  any  number  of  radio  APs  may 
be  utilized.  You’ll  also  gain  by  using  all  three 
channels  on  the  system’s  four  “Channel 
Blankets”  and  by  being  able  to  re-use  the 
channel  frequencies  (Spectrum  Re-Use). 


And  that’s  only  the  beginning.  Download  our 
webcast  on  “Top  8  Wireless  LAN  Problems 
and  How  to  Solve  Them”  at: 

www.belden.conVWireless.cfm 


Be  sure  to  look  to  the  leader  in  signal 
transmission  for  the  best  WLAN  solutions. 
Call  Belden  at  1.800. BELDEN.1 


Or,  visit  us  online  at 


BELDEN 

SENDING  ALL  THE  RIGHT  SIGNALS 


©2007,  Belden  Inc. 


SPECIAL  FOCUS:  DUAL-MODE  WIRELESS  TELEPHONY 


Wi-Fi  gets  together  with  cellular 

With  dual-mode  wireless  phones,  users  can  travel  between  Wi-Fi  networks 
and  cellular  networks  without  having  to  redial  calls. 


Corporate  campus 


1.  When  it  is  located  within  aWi-Fi  network,  the  dual-mode  phone  operates  as  a 
VoIP  handset. 


2.  As  users  pass  from  Wi-Fi  range,  they  trigger  a  command  to  the  IP  PBX  that  sets 
up  a  call  to  the  same  party  via  the  cellular  network. 

3.  After  the  phone  is  out  of  Wi-Fi  range,  the  PBX  conferences  together  the  handset 
with  the  cellular  connection.  Users  experience  a  break  in  the  connection  that  lasts 
a  few  seconds  while  the  two  ends  of  the  call  are  linked. 


Wireless  VoIP 

continued  from  page  1 

Earlier  this  year,  Nokia  demonstrated  dual¬ 
mode  support  for  Cisco  and  Alcatel  VoIP 
equipment, setting  the  stage  for  an  expected 
jump  in  the  popularity  of  these  roaming 
devices.  Siemens  and  DiVitas  Networks  an¬ 
nounced  similar  dual-mode  capabilities  ear¬ 
lier  this  year  (www.nwdocfinder.com/9535). 

According  to  Infonetics,  demand  for  dual¬ 
mode  phones  will  increase  over  the  next  two 
years  as  demand  for  single-mode  Wi-Fi  hand¬ 
sets  dips.  In  a  survey  earlier  this  year,  23%  of 
respondents  said  they  use  dual-mode 
phones  now,  and  that  will  grow  to  30%  in 
2009.  In  the  same  group,  45%  said  they  use 
single-mode  phones  now,  and  that  will 
decrease  to  34%  in  two  years.  The  reason  is 
that  as  dual-mode  phones  become  more 
available  and  affordable,  businesses  will  pre¬ 
fer  them  to  single  mode,  says  Mattheus 
Machowinski,  the  Infonetics  analyst  who 
wrote  the  report. 

Nortel  sees  the  uptake  of  wireless  as 
much  broader  issue,  recently  announcing 
plans  (www.nwdocfinder.com/9536)  to 
incorporate  wireless  capabilities  in  its  net¬ 
work  Ethernet  access  switches,  so  even 
workers  tied  to  desks  will  have  voice-over- 
wireless-LAN  (wireless  VoIP)  phones  and 
computers.  The  architecture  would  be 
appropriate  for  new  sites  where  installing 
wireless  gear  would  eliminate  the  need  for 
and  expense  of  installing  network-access 
wiring,  the  company  says.  Nortel  calls  this 
architecture  Unwired  Enterprise,  and  prod¬ 
ucts  that  support  it  are  scheduled  to  ship 
next  year. 

In  a  nutshell,  dual-mode  phones  are  VoIP 
PBX  extensions  while  on  the  WLAN  and 
standard  cell  phones  outside  WLAN  cover¬ 
age  areas.  Avaya  already  teams  with 
Motorola  to  pass  calls  uninterrupted  be¬ 
tween  the  two  types  of  wireless  network. 

Upgrading  WLANs 

Before  dual-mode  wireless  can  become 
mainstream, businesses  have  to  solve  a  set  of 
problems,  including  corporate-infrastructure 
upgrades, service-provider  initiatives  and  the 
fact  that  only  the  most  mobile  workers  need 
the  technology,  experts  say 

An  upgrade  of  WLANs  may  be  necessary 
to  support  VoIP  making  some  businesses 
reluctant,  says  Phillip  Redman,  an  analyst 
with  Gartner.“Most  enterprises  are  hesitant  to 
put  in  voice  over  wireless  because  it  means 
adding  more  access  points  to  add  capacity 
and  coverage,”  he  says.  “Wireline  is  already 
installed  and  inexpensive,  and  it  works. 
Unless  they  have  a  need  for  a  high  degree  of 
mobility  they’re  not  looking  to  transfer  it  to 
wireless  networks.” 

Dual-mode  phones  that  hand  off  calls  from 


Wi-Fi  to  cellular  networks  as  users  move 
around  could  be  part  of  the  answer,  but  that 
also  will  require  investment  by  businesses 
for  the  gear  needed  to  transfer  calls  between 
networks.  That  means  picking  vendors  care¬ 
fully  experts  say  The  reason:  so  few  U.S.  carri¬ 
ers  offer  a  network-based  service  that  sup¬ 
ports  these  handoffs,says  Lisa  Pierce,  an  ana¬ 
lyst  with  Forrester  Research. T-Mobile  recent¬ 
ly  announced  such  a  service,  and  at  least 
one  major  U.S.  carrier  plans  such  a  service 
later  this  year,  she  says,  but  declined  to  say 
which  it  is. 

Bridging  wireless  VoIP  to  cellular  networks 
is  of  interest  to  businesses  with  very  mobile 
workers  —  medical  facilities,  factories  and 
retail  stores.  Overall,  that  is  a  small  percent¬ 
age  of  workers.  Infonetics  recently  found  that 
6%  of  users  in  companies  surveyed  use  wire¬ 
less  VoIP  and  that  is  expected  to  double  in 
the  next  two  years. 

More  employees  going  mobile 

Larger  businesses  are  more  likely  to  use 
wireless  VoIP  because  they  have  a  better 
chance  of  having  at  least  some  employees 
who  need  to  be  mobile,  Machowinski  says. 
But  because  need  for  the  technology  is 
small  in  most  businesses,  they  steer  clear  of 
investing  in  it,  Redman  says. 

For  some  business  users,  dual-mode 
phones  are  important  because  they  can 
reduce  the  number  of  devices  individuals 


have  to  carry  Machowinski  says.  “Single¬ 
mode  handsets  aren’t  that  interesting  to 
some  businesses,  because  it  means  carrying 
around  one  more  device,”  he  says. 

For  other  users,  the  phone  won’t  be  an 
issue. “A  lot  of  [wireless  VoIP]  pickup  will  be 
on  softphones  running  on  a  laptop,”  he  says. 

Medical  mobile 

In  medical  settings,  however,  wireless  VoIP 
phones  are  valuable  to  nursing  staffs,  who 
spend  their  days  moving  from  room  to 
room.  For  instance,  University  of  Texas 
Southwestern  Medical  Center  in  Dallas  has 
deployed  600  wireless-VoIP  phones  to  hospi¬ 
tal  workers  on  campus,  says  Elwyn  Hull,  the 
center’s  director  of  telecommunications. 

“I  don’t  know  how  you  quantify  the  savings 
in  nurses’  time,  but  certainly  that  is  the  bene¬ 
fit  of  these  phones,” Hull  says.“It’s  saving  them 
hours  every  day”  Rather  than  run  back  to 
nursing  stations  to  check  voice  mail  or 
return  pager  calls,  they  receive  more  calls 
directly  on  the  wireless  phones  as  they  make 
rounds,  he  says.  “We  can  respond  more 
quickly.  It’s  frustrating  to  call  someone  for  a 
quick  call  and  get  voice  mail,”  he  says. 

The  school  bought  two  affiliated  hospitals 
in  2004.  One  of  them,  St.  Paul’s,  had  installed 
traditional  900MHz  wireless  phones  that 
were  integrated  with  the  hospital’s  Nortel 
PBX.  These  phones  required  separate  trans- 
See  Wireless  VoIP,  page  30 
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Let's  leave  the  hardware  where  it  is.  your  gateways,  even  your  phones.  Add  software.  Software  that 

Introducing  the  software-based  VoIP  solution  from  Microsoft.  integrates  with  Active  Directory;®  Microsoft®  Office, Microsoft 
It's  a  whole  new  way  to  look  at  telephony.  As  it  turns  out,  that  important  Exchange  Server,  and  your  PBX.  Simply  maximize  your  current  R8X 

move  to  VoIP  isn't  about  ripping  and  replacing  or  big,  upfront  costs.  investment  and  make  it  part  of  your  new  software-based  VoIP 

That's  because  it's  no  longer  about  hardware.  It's  actually  solution.  Because  what  you  have  is  good.  What  you  have  with  the 

about  software.  That's  right.  Keep  your  hardware — your  PBX,  right  software  is  even  better.  Learn  more  at  microsoft.CQnv'voip 


Your  potential.  Opr  passion 
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Go  online  at  www.nvrttocfinder.can/9549  to  post  your  comments  on  the  7  wonders  of  the  Internet. 


7  Get  lost 

There's  just  no  excuse  for  getting  lost  these  days,  what  with 
MapQuest,  MapsOnUs  and  Google  Maps  at  your  fingertips. 
GPS  may  be  better,  but  GPS  ain't  free. 


6.  Alphabet  soup 

On  DNS,  our  panel  waxes  wondrous:  “Simple,  elegant,  yet 
robust,  and  it  still  works";  “No  DNS,  no  Internet."  There's 
rhapsody  over  HTTP:  "Has  moved  the  Internet  out  of  the 
university  and  into  the  living  room.  Can  you  imagine 
Everyman  using  Archie,  Gopher  and  command-line  FTP?" 
Let  the  masses  belly-ache  about  acros:  Geeks  know  better. 


WHY  THEY  CHOSE  MAPQUEST 

Members  of  our  nominating  committee  explain  why  they  chose 
mapping  capabilities  —  MapQuest,  Google  Maps  and  the  like  — 
as  one  of  their  personal  7  Wonders  of  the  Internet. 

JohnaTill  Johnson:  MapQuest:  Reason:  impact  on  daily  life. 

Getting  directions  from  people  is  now 
obsolete.  GPS  is  still  one  of  those 
things  that  early  adopters  have. 

Liam  Noonan:  Online  maps:  Where  is 
that  standing  stone?  How  do  I  get  to 
that  concert  venue?  What's  happening 
in  Area  51? 

Phil  Daley:  Google  Maps:  Far  better 
(visually  and  for  information)  than  the 
other  has-beens  MapsOnUs, 
MapQuest,  etc.  Radar  weather-system 
maps:  I  use  lntellicast.com.  State-park 
reservation  systems  that  give  you  a 
park  map,  and  you  can  reserve  a  par¬ 
ticular  camping  site. 


WHY  THEY  CHOSE  DNS  AND  FRIENDS 

Members  of  our  nominating  committee  explain  why  they 
chose  alphabet  soup  —  the  technology  and  technologists 
behind  all  those  acronyms  that  baffle  civilians  —  as  one  of 
their  personal  7  Wonders  of  the  Internet. 

Jim  Albright:  IP  protocol:  The  Internet  in  its  infancy  needed 
an  addressing  scheme  that  was  routable  and  scalable.  Behold 
what  may  be  the  only  technology  to  survive  unchanged  since 
those  early  days.  There  may  be  a  better  way  to  handle  global 
addressing  through  binary  numbers,  but  no  one  has  been  able 
to  come  up  with  it  yet.  And  HTTP:  The  hypertext  language,  with 
its  graphics,  browsers  and  hyperlinks  has  moved  the  Internet 
out  of  the  university  and  into  the  living  room.  Can  you  imagine 
Everyman  using  Archie,  Gopher  and  command-line  FTP?  I  can't. 
By  making  the  Internet  user-friendly,  this  technology  has  caused 
an  explosion  in  the  markets  for  PCs  and  commercial  ISPs,  and 
made  a  Web  page  almost  a  requirement  for  any  business.  The 
Internet  was  around  for  roughly  a  quarter  of  a  century  before 
the  World  Wide  Web,  and  was  primarily  the  province  of  research 
institutions  and  government  agencies.  The  average  person  had 
not  heard  of  it.  In  less  than  half  that  time,  it  has  become  a 
household  word.  Without  HTTP,  it  would  still  be  the  obscure 
domain  of  the  technology  elite. 

Liam  Noonan:  DNS:  Simple,  elegant,  yet  robust,  and  it  still 
works.  VoIP:  Now  all  the  Irish  expats  can  talk  to  mammy  in 
Ireland  for  free  or  a  ridiculously  low  price. 

John  Gog:  The  Domain  Naming  System:  I  don’t  think  anyone 

beyond  the  tech-minded  ever 
stops  to  think  about  how  the 
Internet  would  be  only  the 
province  of  geeks  if  DNS  did¬ 
n't  work.  In  fact,  it's  probably 
safe  to  say  that  without  DNS, 
there  would  be  no  practical 
World  Wide  Web. 


WONDER 

OF  THE  INTERNET 

On  July  7  —  07/07/07 — The  New  7  Wonders  of 
the  World  were  anointed  in  Lisbon,  Portugal. 
Architecture:  Could  anything  be  any  more  20th 
century?  Here  at  Network  World ,  we  enlisted 
the  help  of  my  e-mail  list,  the  Buzzblog  Brigade, 
and  took  on  a  more  modern  assignment:  The  7 
Wonders  of  the  Internet  The  only  rule  I  offered 
our  voters  was  that  there  would  be  no  rules  — 
and  no  real  vote,  The  results  are  something  of  a 
Buzzblog  community  consensus  influenced  by 
my  personal  biases. 
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5.  Bad  to  the 
backbone 

Spammers,  scammers,  stalkers,  script  kiddies 
and  evildoers  of  every  stripe:  Given  the  dan¬ 
ger,  it's  a  wonder  anyone  dares  plug  their  PC 
into  a  wall  socket,  never  mind  the  Internet. 
Think  about  it:  Every  time  you  log  on,  you’re 
giving  the  bad  guys  the  finger. 

WHY  THEY  CHOSE  SPAM,  CYBERCRIME  AND 
SO  FORTH 

Members  of  our  nominating  committee  explain 
why  they  chose  spam,  cybercrime  and  all  the 
other  online  bad  stuff  as  one  of  their  personal  7 
Wonders  of  the  Internet. 

Ken  Diliberto:  Server  and  network  power:  Isn’t  it 
amazing  how  well  the  Internet  works  even 
though  99.99999%  of  the  'Net  traffic  is  spam?  It's 
a  wonder  that  mail  still  gets  delivered. 

John  Gog:  Spam:  You  didn't  say  these  had  to  be 
good  things.  Spam  is  a  marvel.  It’s  the  kudzu  of 
the  Internet.  The  fact  that  the  most  prolific  use 
of  bandwidth  and  e-mail  resources  is  junk  mail 
boggles  the  mind.  We  keep  hearing  that  it  will 
decline,  yet  it  continues  to  increase  as  ever- 
more-gullible  users  hit  the  Internet. 

Alan  Portman:  Spam:  “Spam?”  I  hear  you  ask. 
Yes,  spam.  I  have  had  an  e-mail  address  for 
about  15  years.  I  remember  one  of  the  first 
“mass  postings"  to  all  of  the  Usenet  user 
groups.  Yes,  the  guy  was  flamed,  but  he  made 
sales.  If  spam  were  not  effective,  it  would  stop 
being  used.  So,  as  long  as  you  will  send  some¬ 
body  money  for  fake  Viagra  or  buy  a  stock  in  a 
company  that  can’t  spell,  spam  will  be  with  us 


4.  For  sale 

Online  shopping  is  the  “Alice's  Restaurant"  of 
our  time:  You  and  your  credit  card  can  get 
anything  you  want  —  from  a  Zune  on  Amazon 
to  an  abode  on  Zillow.  Apricots  to  ziti,  if  you're 
city  folk.  Never  leave  your  house.  Nirvana. 

WHY  THEY  CHOSE  E-COMMERCE 

Members  of  our  nominating  committee  explain 
why  they  chose  e-commerce  and  online  shop¬ 


ping  as  one  of  their  personal  7  Wonders  of  the 
Internet. 

Jack  Miller:  Amazon:  The  first  real  proof  that 
the  Internet  was  truly  a  retail  giant.  EBay:  The 
second  site  that  proved  the  power  of  the 
Internet  —  the  world's  largest  garage  sale. 

Liam  Noonan:  Tech  review  and  comparison  Web 
sites:  Shop  smarter  and  save  money. 

Alan  Portman:  Expedia,  Orbitz  and  all  of  the 
other  travel  sites:  The  ability  of  just  about  anyone 
to  create  a  complete  travel  itinerary  and  book  it 
all  on  your  own  has  changed  the  travel  industry. 
Just  as  the  automobile  drove  the  blacksmiths 
and  saddle  makers  out  of  business,  travel  Web 
sites  (aided  by  airlines  seeing  a  way  to  make  an 
extra  nickel)  have  all  but  killed  travel  agents. 


3.  Cats  in  sinks 


Catsinsinks.com.  The 
site's  OK  —  if  you're  into 
cats.  In  sinks.  But  the 
idea  that  no  matter  what 
your  passion,  interest  or 
curiosity,  there’s  a  site  out 
there  for  you  and  the  like- 
minded?  Well,  that  makes 
the  list  —  and,  of  course,  there's  porn. 


WHY  THEY  CHOSE  CATSINSINKS.COM 


too  much  connectedness:  Those  who  make 
the  claim  sound  like  those  who  say  they 
don’t  watch  TV  —  unconvincing  at  best,  if 
not  pretentious. 

WHY  THEY  CHOSE  E-MAIL 

Members  of  our  nominating  committee  explain 
why  they  chose  e-mail,  despite  its  downsides  and 
challenges,  as  one  of  their  personal  7  Wonders  of 
the  Internet. 

Paul  Hoffman:  Internet 
mail:  Even  with  horren¬ 
dous  levels  of  spam,  it  still 
remains  the  most  com¬ 
mon  way  for  two  people 
to  communicate  on  the 
Internet.  If  for  no  other 
reason,  its  resilience  makes  it  a  wonder. 

Jim  Albright:  E-mail:  In  the  dozen  years  I’ve 
been  in  the  networking  field,  e-mail  has  grown 
from  an  afterthought  (“We  have  a  network  any¬ 
way,  so  we  might  as  well  put  e-mail  on  it")  to 
one  of,  if  not  the  primary  way  in  which  people 
communicate.  Many  companies  consider  it  to 
be  one  of  their  most  mission-critical  applica¬ 
tions.  And  the  proliferation  of  wireless  devices 
have  practically  rendered  “store  and  forward" 
an  obsolete  term,  as  users  clamor  for  real-time 
e-mail  delivery.  Fortunately,  the  boys  down  in 
QoS  still  don’t  see  it  that  way. 


2.  Hi 

E-mail  gets  a  bad  rap.  It's  become 
trendy  of  late  to  claim  a  break 
from  the  chains  that  bind  us  to 
our  in-boxes  and  CrackBerries. 
Too  much  time,  too  much  spam, 


Members  of  our  nominating  committee  explain 
why  they  chose  Catsinsinks.com  —  or  rather, 
the  idea  that  there's  a  site  out  there  like  it  for 
every  interest  imaginable  —  as  one  of  their  per¬ 
sonal  7  Wonders  of  the  Internet. 

Joel  Snyder:  Catsinsinks.com:  I  think  that  this  is 
a  particular  wonder  because  it's  a  use  of  tech¬ 
nology  so  far  different  than  what  it  was  original¬ 
ly  intended.  If,  for  example,  you  were  to  ask  any 
Web  person  10  years  ago,  "Do  you  think  that 
there  will  ever  be  a  Web  site  with  nothing  more 
than  pictures  of  cats  in  sinks?"  the  answer 
would  have  to  have  been,  "No,  are  you  kidding?" 
Everything  else,  from  porn  to  Google  to  e-com- 
merce,  could  have  been  reasonably  foreseen 
with  a  bit  of  luck.  But  Catsinsinks.com?  No. 

Alan  Portman:  OK,  I  will  say  it:  Cyberporn: 

Easily  the  most  profitable  of  all  Internet  busi¬ 
nesses,  cyberporn  has  changed  America.  The 
ability  for  anyone  to  view  the  erotic  images  of 
their  choice  in  the  privacy  of  their  own  home  is 
now  a  $500-million-a-year  business.  The  porn 
industry  has  always  been  at  the  forefront  of 
technological  change.  Porn  availability  on  VHS 
allowed  VHS  to  overshadow  the  superior  tech¬ 
nology,  Beta.  Vivid  Entertainment  has 
chosen  HD-DVD  for  their  content; 
anybody  want  to  bet  who  wins  the 
HD-DVD/Blu-ray  duel?  Adult  content 
is  moving  to  mobile  devices.  Look  for 
mobile-phone  porn  to  be  a  $50-million- 
dollar  industry  in  the  next  five  years 
(see  Electronic  Business,  July  2006). 


1.  Google 

That  haystack  ju^rkeeps  growing. There’s 
more  to  search  than  Google,  granted,  but 
when  you've  become  a  verb,  you’ve  earned 
the  right  to  represent  on  this  list  the  single 
most  critical  capability  available:  finding 
stuff.  It’s  a  never-ending  wonder  how  many 
needles  can  be  found  —  or  how  we  settled 
bar  bets  before  search  engines. 

WHY  THEY  CHOSE  GOOGLE 

Members  of  our  nominating  committee  explain 
why  they  chose  search  capabilities,  as  embod¬ 
ied  by  Google,  as  one  of  their  personal  7 
Wonders  of  the  Internet. 

George  Grenley:  Google:  What  can  I  say? 
Google  is  now  a  verb,  and  is  essential.  There 
may  be  a  better  search  engine  than  Google 
someday,  but  whatever  it  is,  it  will  be  the  won¬ 
der  of  the  world.  I’ll  go  so  far  as  to  say  that 
Google  is  so  far  in  the  lead  as  a  Wonder  of  the 
Internet  that  the  rest  of  these  items  should  be 
numbered  12  through  17,  not  2  through  7. 
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Do  you  need  an  $800  VoIP  phone? 

We  take  a  look  at  SIP  to  the  desktop  and  how  to  run  a  business  with  Skype 


BY  PHIL  HOCHMUTH 

VoIP  can  raise  a  number  of  concerns  in  the 
corporate  network  environment.  In  the  first 
part  of  our  Six  Burning  VoIP  Questions  series, 
we  looked  at  some  of  the  more  high-level 
issues,  such  as  trusting  Microsoft  with  VoIP 
implementations  and  whether  VoIP  is  a 
secure  technology  In  this  final  installment  we 
look  deeper  at  the  technology  on  your  desk¬ 
top  and  how  you  can  effectively  run  your 
business  on  VoIP 

1.  Do  I  need  a  $800  IP  phone? 

Flat-screen  color  display  . . .  Gigabit  Ethernet 
. . .  Linux  operating  system. 

These  aren’t  specs  for  high-end  gaming  PCs 
or  enterprise  network  appliances  —  the  fea¬ 
tures  describe  Siemens’  OpenStage  Session 
Initiation  Protocol  (SlP)-based  IP  tele¬ 
phone.  While  clearly  aimed  at 
the  high-end  user,  this  type  of 
desktop  IP  phone  reflects  the 
growing  horsepower,  features 
and  capabilities  being 
packed  into  desktop  IP  hand¬ 
sets.  Whether  these  minicom¬ 
puter  telephones  make  users  more  productive 
or  add  business  value  to  an  IT  deployment  is 
debatable,  some  observers  and  users  say 

“Many  enterprises  are  dramatically  over¬ 
spending  on  desktop  IP  telephones,”  says  Jeff 
Snyder, an  analyst  with  Gartner.“Spending  $700 
to  $800  on  a  beautiful  IP  phone  for  the  desk¬ 
top  is  serious  overkill.” 

The  reason  is  that  many  users  are  not  yet 
rolling  out  applications  that  take  advantage  of 
advanced  capabilities  these  phones  provide. 
While  some  phones  support  Web  browsers, 
XML  and  Java  applications,  the  effort  and  cost 
of  tying  back-end  applications  and  systems 
into  an  IP  phone  are  hard  to  justify 

“The  most  common  application  people  use 
on  phone  displays  is  calling  up  past-call  lists,” 
Snyder  says.'They  don’t  really  have  any  enter¬ 
prise  applications  that  merit  having  a  large 
color  screen  on  the  phone.” 

This  is  not  to  say  there  is  no  value  in  tying 
applications  to  IP  phones  with  displays. 
Credit  Valley  Hospital  in  Mississauga,  Ontario, 
conducted  a  pilot  project  to  push  corporate 
directory  information  down  to  more 
than  1,000  Nortel  IP  phones  deployed 
throughout  the  hospital.  An  appliance  from 
Citrix  called  the  Net6  converted  directory 
data  into  a  format  that  is  readable  and  navi¬ 
gable  by  IP  phone  screens  and  interfaces.The 
project’s  aim  was  to  enable  doctors,  nurses 
and  other  staff  to  quickly  look  up  information 
when  not  at  a  PC. 

The  problem  is  that  the  hospital  has  2,500 
phones,  with  more  than  half  being  non-IP 


phones,  or  IP  phones  that  cannot  support  the 
directory  tie-in  feature. 

“We  could  not  justify  the  extra  licensing  to 
roll  out  this  feature  to  all  those  new  IP 
phones,”  said  Tim  Oliwiak.the  hospital’s  voice 
systems  analyst  at  a  conference  earlier  this 
year. “If  we  deploy  a  feature  like  this,  people 
will  become  familiar  with  it,  and  it  has  to  be 
everywhere.”  As  a  result,  the  hospital  pulled 
back  on  the  IP  phone/directory  rollout. 

Gartner’s  Snyder  says  the  integration  of  IP 
telephony  with  corporate  applications  and 
databases  has  real  value  and  is  an  emerging 
trend  inside  databases.  “By  the  time  these 
types  of  [converged]  applications  become 
pervasive,  [most]  users  will  be  accessing 
them  through  softphones  on  their  screen” 
or  through  enterprise  applications,  which 
are  tied  to  VoIP-based  features.  Salesforce- 
.com  is  an  example:  recent 
tie-ins  with  Siemens  and 
Cisco  let  users  make  calls 
from  client  record  screens 
via  a  Web  interface. 

Many  enterprises  and  or¬ 
ganizations  are  avoiding  the 
licensing  issue  facing  the  Ontario  Hospital  by 
choosing  low-cost,  generic  IP  phones  running 
SIP  Part  of  the  high  costs  of  deploying  IP 
phones  also  comes  with  licensing.  While  TDM 
phone  systems  are  also  licensed  on  a  per-seat 
basis,  other  users  are  finding  ways  around 
these  costs  as  they  move  to  VoIP 
Sam  Houston  State  University  in  Huntsville, 
Texas,  uses  Cisco  IP  phones  running  a  ge¬ 
neric  SIP  software  stack,  which  enables  the 
handsets  to  access  an  Asterisk  IP  PBX.  The 
school  had  partially  deployed  an  older- 
generation  Cisco  CallManager  system,  which 
used  Cisco’s  proprietary  “Skinny”  call  control 
protocol.  This  required  each  phone  on  the 
system  to  be  licensed  in  order  to  register 
with  the  call  server. 

“The  massive  amounts  of  licensing  fees  re¬ 
quired  to  keep  the  Cisco  CallManager  network 
up  and  running”  was  one  of  the  main  reasons 
the  school  went  to  the  SIP/open  source 
approach, says  Aaron  Daniel, senior  voice  ana¬ 


Network  World  VoIP  event 

Managed  well,  VoIP  makes  your  enter¬ 
prise  a  lean,  mean,  productive 
machine.  Mishandled,  it  has  the  poten¬ 
tial  to  compromise  every  core  value. 
Learn  right  from  wrong.  Join  us  at  IT 
Roadmap:  Dallas  Sept.  6. 
www.nwdocfinder.com/9157 


lyst  at  the  school.  Because  Asterisk  is  open 
source,  this  eliminates  the  need  to  license 
thousands  of  IP  phones,  which  would  have 
been  required  to  run  on  Cisco’s  CallManager 
IP  PBX. 

2.  Will  SIP  ever  be  ready  for  the 
desktop? 

The  VoIP  industry  has  touted  SIP  for  most  of 
this  decade  as  the  future  of  IP  telephony.  Pro¬ 
ponents  say  the  open-standard  nature  of  SIP 
its  flexibility  and  elegance,  are  among  its 
virtues  (besides  being  a  great  acronym  for 
marketing  PowerPoints  and  trade  magazine 
headlines). 

The  problem  is  that  most  companies  must 
rely  on  proprietary  VoIP  protocols,  or  vendor- 
tweaked  (and  thus,  vendor-exclusive)  versions 
of  SIP  in  large  IP  telephony  deployments. 

“SIP  really  describes  a  limited  number  of 
features  in  terms  of  it  being  an  industry  open 
standard,”  says  Anne  Coulombe,  senior  prod¬ 
uct  manager  at  Avaya.“So  invariably  a  propri¬ 
etary  protocol  will  have  more  features.” 

Most  major  vendors,  such  as  3Com,  Avaya, 
Cisco,  Nortel,  Mitel  Networks  and  Siemens, 
which  ship  phones  that  run  proprietary  VoIP 
protocols  also  offer  standard  SIP  software 
stacks  that  can  be  loaded  onto  the  devices. 
This  allows  the  phones  to  work  with  “pure”  SIP 
back-end  IP  PBXs  or  media  servers.  Even  the 
open  source  Asterisk  IP  PBX  system  —  touted 
by  users  for  its  openness  and  flexibility  —  has 
its  own  non-SIP  protocol  for  communicating 
between  servers  and  endpoint  devices.  (Al¬ 
though  Asterisk  fully  supports  SIP-based  end¬ 
points  and  peering  servers.) 

The  most  important  desktop  phone  features 
vary  widely  depending  on  users.  People  who 
live  on  conference  calls  want  a  button  that 
can  hold  all  parties  without  dropping  anyone. 
Those  who  pop  in  and  out  of  the  office  need 
a  message-waiting  light.  This  is  why  protocols 
such  as  Cisco’s  SCCP  Siemens’  CoreNet  and 
others  still  come  as  standard  on  their  respec¬ 
tive  IP  phones  and  PBXs. 

But  the  demand  for  SIP  is  increasing  as  users 
look  to  integrate  presence  and  multimedia 
features  into  a  VoIP  network.To  accommodate, 
vendors  also  are  creating  proprietary  exten¬ 
sions  to  SIP  to  give  the  protocols  a  few  extra 
features  —  enough  to  make  or  break  an  enter¬ 
prise  VoIP  system  sale,  in  some  cases. 

“It’s  commercially  unreasonable  to  say  to 
customers  that  they  must  be  purists  about  a 
certain  protocol,”  Microsoft’s  Duffy  says.“  If  we 
need  to  make  changes  to  a  protocol,  or  other 
scenarios,  we’ll  do  that”  to  meet  customer’s 
needs,  he  says. 

Avaya  calls  its  SIP  extension  Avaya  SIP 
Telephony,  which  extends  the  number  of  fea- 
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tures  a  SIP  phone  supports  to  around  62  — 
twice  as  many  as  are  available  on  basic  IETF- 
based  SIP  phones. 

Vendors  such  as  Avaya  and  others  also  are 
extending  basic  SIP  phone  functionality  with 
feature  access  codes.  This  involves  passing 
dual-tone  multi-frequency  (DTMp  or  tone- 
based  signaling  based  on  dial  pad  buttons) 
signals  through  standard  SIP  packets  to  a  PBX 
or  IP-PBX  back  end,  which  lets  users  of  SIP- 
based  phones  access  features  normally  avail¬ 
able  only  to  proprietary  systems. 

“So  features  you  could  normally  turn  on  by 
dialing  1234#  on  your  phone.it  will  turn  on  the 
back  end,”  Coulombe  says.  “That’s  100%  SIP- 
compliant,  but  you’ve  actually  extended  the 
capabilities  of  all  SIP  phones  attaching  to  the 
[non-standard]  back  end.” 

Some  users  rolling  out  large  deployments  of 
SIP  endpoints  say  a  lack  of  features  is  not  an 
issue.  (Albeit  these  users  say  they  chose  to  use 
SIP  phones  in  basic  office  settings  where  ad¬ 
vanced  PBX  features  are  not  commonly  used.) 
The  University  of  Pennsylvania  is  one  such  or¬ 
ganization  in  the  process  of  deploying  thou¬ 
sands  of  IETF-standard  SIP  telephones  to  fac¬ 
ulty  and  staff  offices  at  its  Philadelphia  cam¬ 
pus  locations. 

“The  truth  is  that  the  vast  majority  of  services 
people  want,  we  can  provide,”  says  Deke 
Kassabian,  senior  technology  director  at  the 
university. “And  the  ones  we  can’t  yet  provide, 
we’re  working  on  those.” 

Bridged-line  appearance  and  busy-indicator 
lights  are  among  some  features  that  are  hard 
to  do  well  in  an  open,  standard  environment 
right  now,  he  says. 

At  toolmaker  Stanley  Works,  plans  are  under¬ 
way  to  widely  use  Polycom  IP  phones  with  a 
SIP-based  VoIP  system  from  Interactive  Intelli¬ 
gence.  IT  executives  at  the  company  have  said 
they  expect  to  see  cost  savings  of  $200  to  $300 
per  seat  in  using  the  SIP-based  phones  vs.  pro¬ 
prietary  VoIP  handsets  and  systems  offered  by 
Cisco  or  Avaya. 

“I  have  not  heard  of  any  problems  or  issues 
about  shortcomings  in  terms  of  SIP’s  features,” 
says  David  Cote,  global  telecommunications 
manager  for  the  company 

As  SIP  becomes  more  mainstream,  in¬ 
creased  interoperability  and  the  expansion 
of  features  should  be  expected,  industry  in¬ 
siders  says. 

Microsoft’s  Duffy  says  users  “won’t  be  having 
conversations  about  SIP  interoperability  in  five 
years.”  Over  time,  VoIP  systems  and  SIP  will 
operate  similarly  to  Web  applications  over 
TCP/IP‘No  one  would  for  a  minute  realistically 
wonder  if  those  systems  would  work.” 

3.  How  do  I  run  my  business  on  Skype? 

Skype,  which  claims  around  100  million  reg¬ 
istered  names,  estimates  that  30%  of  its  in¬ 
stalled  base  are  business  users.  The  free  VoIP 
tool  is  utilized  widely  by  road-warrior  employ¬ 
ees  with  laptops,  as  well  as  small  businesses 
and  teleworkers. 

Some  companies  are  even  patching  together 


systems  that  integrate  Skype  into  larger  VoIP 
systems.  Big  cost  savings  can  be  gained  this 
way  by  using  Skype  to  connect  branch  offices, 
while  still  maintaining  the  feeling  of  working 
on  a  business  telephone,  as  opposed  to  a  PC- 
based  softphone,  which  some  employees  may 
find  unfamiliar. 

Chicago  to  China:  a  case  study 

One  such  company  is  Eastern  Accents,  a 
Chicago  home  furnishing  manufacturer,  which 
has  a  growing  presence  in  China.  It  started 
using  Skype  to  connect  to  China  years  ago 
and  recently  took  its  Skype/telephony  integra¬ 
tion  to  the  next  level. 

Elvin  Rakhmankulov,  the  company’s  direc¬ 
tor  of  IT,  wanted  a  way  to  inexpensively  and 
reliably  connect  its  growing  China  operation 
with  the  company’s  200  employees  in 
Chicago  and  other  domestic  satellite  offices. 
Eastern  Accents  has  a  3Com  NBX  IP  PBX  sys¬ 
tem,  which  easily  ties  together  its  U.S.  branch 
offices  over  the  Internet.  Sites  in  Los  Angeles 
and  North  Carolina  get  3Com  IP  phones, 
which  link  back  to  the  Chicago  NBX  through 
VPN  links. 

When  Rakhmankulov  tried  this  setup  to  con¬ 
nect  to  China,  he  hit  the  wall. 

“The  calls  were  not  being  blocked,  but  the 
latency  the  speed  of  the  network,  was  really 
slow,”  he  says.  “Nobody  knows  for  sure  why 
there  is  so  much  latency  for  Internet  traffic 
going  into  and  out  of  China.  But  any  Internet 
communication  to  China  is  a  huge  issue. When 
the  signal  goes  from  the  United  States  to  China, 
it  really  takes  a  while.” 

Rakhmankulov  discovered  the  free  VoIP 
client  worked  fine,  passing  through  firewalls  or 
other  gateways  without  any  perceived  latency 
to  the  calls.“Skype  does  not  need  a  lot  of  band¬ 
width.  At  the  same  time  it  works  with  China 
very  well,”  he  says.  “The  quality  of  the  calls  is 
very  good.” 

Employees  used  PC-to-PC  Skype,  but  Rak¬ 
hmankulov  wanted  to  integrate  communica¬ 
tion  lines  as  part  of  the  businesses  phone  sys¬ 
tem. “It  would  be  much  easier  for  most  people 
because  they  don’t  have  to  have  headsets  on 
their  computers,  microphones  and  all  that 
stuff,”  he  says. 

Rakhmankulov  rigged  his  system  by  attach¬ 
ing  the  3Com  NBX  to  an  appliance  from  Vo- 
Sky  Technologies,  which  lets  employees 
make  Skype  calls  from  3Com  IP  phones  on 
desktops.  The  3Com  NBX  connects  to  the 
VoSky  Exchange  9000  appliance  through  four 
analog  trunks.  A  USB  link  from  the  VoSky  box 
also  connects  to  a  dedicated  Windows  XP 
machine  with  four  Skype  accounts  running 
simultaneously. The  VoSky  box  has  a  database 
that  converts  the  Skype  user  names  of  the 
employees  in  China  into  extension  numbers. 
When  Chicago  users  dial  eight  and  then  the 
extension  from  a  3Com  phone,  it  connects  to 
the  employee  in  China  using  Skype  on  a  PC 
with  a  headset. 

“Users  don’t  know  anything  about  it  in  the 
background,”  he  says.“If  they  want  to  make  an 


international  call,  they  dial  eight,  and  it  goes 
through  Skype.”  His  next  plan  is  to  ship  a  3Com 
NBX,  IP  phones  and  a  VoSky  appliance  to  the 
office  in  China,  and  replicate  the  setup  in  the 
Chicago  office  so  all  employees  can  talk  on 
actual  phones,  instead  of  a  mix  of  PC  headsets 
and  handsets. 

Overall,  Rakhmankulov  estimates  he’s  cut  his 
telephone  bills  a  third  by  using  Skype  to  call 
China.  Using  Skype  on  the  public  Internet  is 
also  a  big  cost  saver  vs.  setting  up  a  private 
point-to-point  IP  line  to  China  forVoIR 

For  around  $5,000  a  month, “major  providers 
like  Sprint  or  AT&T  can  give  you  an  MPLS  chan¬ 
nel, which  is  equivalent  toT-1  speeds  but  [on  a] 
dedicated  channel  between  the  offices,”  he 
says.  Even  with  such  a  service,  “1  wouldn’t  be 
sure  that  VoIP  would  work  perfectly  over  such 
a  channel  to  China.  It  would  work,  definitely 
better  than  the  Internet,  but  there  are  still  laten¬ 
cies  there.  And  it’s  really  a  lot  of  money’ 

Security  in  mind 

Experts  say  that  tightly  controlled  Skype 
usage,  such  as  the  system  at  Eastern 
Accents,  is  what  companies  should  strive  for 
in  using  Skype.  While  it  can  be  a  useful  tool, 
IT  administrators  should  get  out  in  front  of 
Skype  usage  before  discovering  the  software 
downloaded  on  laptops  and  PCs  without 
authorization. 

“Because  the  Skype  client  is  a  free  down¬ 
load,”  says  Lawrence  Orans,  an  analyst  at 
Gartner, “it  is  widely  used  and  most  businesses 
have  no  idea  how  many  Skype  clients  are  in¬ 
stalled  on  their  systems  or  how  much  Skype 
traffic  passes  over  their  networks.” 

Skype  currently  has  seven  security  bulletins 
on  its  site  relating  to  known  security  flaws  or 
exploits  of  the  software.  Exploits  of  vulnerabil¬ 
ities  and  bugs  range  from  potential  system 
crashes  to  execution  of  arbitrary  code  on  a 
Skype  PC.  Skype’s  peer-to-peer  file-sharing 
capabilities  compound  the  risks  associated 
with  the  software. 

The  growing  number  of  security  holes  in 
the  program  “highlights  the  risk  of  not  estab¬ 
lishing  and  implementing  an  enterprise  pol¬ 
icy  for  Skype,”  Orans  says.  “If  after  weighing 
the  risks,  a  business  decides  to  allow  Skype 
use,  it  should  actively  manage  version  con¬ 
trol  of  the  Skype  client  —  and  its  distribu¬ 
tion  to  authorized  users  —  using  configura¬ 
tion  management  tools.”  ■ 


ONLINE:  Missed  Part  IP 

Find  out  the  answers  to  these  ques¬ 
tions  from  the  first  part: 

•  Can  I  trust  Microsoft  with  VoIP? 

•  What  happens  when  I  dial  911? 

•  Is  VoIP  safe? 

www.nwdocfinder.com/9528 
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Illinois  resurrects  PKI  program 

Program  once  hailed  as  leading-edge  back  on  track  after  stumbles 


State  of  Illinois  IT  executives  Doug  Kasamis  (right)  and  Mark  Anderson  have  been 
immersed  in  reshaping  the  state’s  once-disappointing  PKI  project. 


BY  ELLEN  MESSMER 

In  1999  Illinois  placed  a  big  security  bet  on 
public-key  infrastructure  (www.nwdocfinder. 
com/9546)  for  e-commerce,  but  three  years 
ago  its  PKI  project  faltered,  as  state  agencies 
foundered  badly  when  issuing  the  digital  cer¬ 
tificates  to  residents. 

It  wasn’t  supposed  to  turn  out  that  way  The 
state’s  landmark  Electronic  Commerce  Se¬ 
curity  Act  (www.nwdocfinder.com/9547)  had 
given  digitally  signed  documents  an  equal 
legal  status  to  wet-signature  paper  ones  in 
1999,  putting  Illinois  on  the  cusp  of  the  PKI 
revolution. “Over  the  next  18  months  we  hope 
to  distribute  over  a  million  digital  IDs  to  citi¬ 
zens  and  businesses  to  enable  them  to  do 
business  with  the  state  of  Illinois  as  an  inte¬ 
grated  secure  Web-driven  government,”  pro¬ 
claimed  then-Governor  George  Ryan. 

The  idea  was  to  decrease  paper-based  ex¬ 
change  in  favor  of  electronic  documents  in 
every  sphere  of  government  on  every  level  by 
having  citizens  submit  digitally  signed  forms 
instead  of  written  signatures. 

In  early  2001,  that  still  sounded  possible,  as 
Illinois  had  the  technology  contracts  in  place 
—  primarily  one  with  Entrust  —  making  digital- 
certificate  registration,  issuance  and  manage¬ 
ment  software  available  to  state  agencies.  But 
the  agencies  were  flummoxed  by  the  intrica¬ 
cies  of  PKI,  in  which  sender  and  recipient  can 
exchange  encrypted  and  signed  documents 
through  a  public-private  key  pair  also  used  to 
verify  that  contents  haven’t  been  altered. 

“By  2003,  we  had  less  than  6,000  certificates 
issued,”  acknowledges  Doug  Kasamis,  acting 
deputy  director  of  the  state’s  IT  department,  the 
Central  Management  Services  (CMS)  Bureau 
of  Communication  and  Computer  Services. 

More  wheels  were  coming  off  the  wagon  as 
Gov.  Ryan,  once  praised  for  setting  up  a  cabi¬ 
net-level  chief  technology  office,  left  office 
under  a  cloud  of  scandal  that  year,  later  being 
convicted  of  racketeering  and  fraud  charges. 
By  2004, something  had  to  be  done  to  save  the 
PKI  effort,  which  was  failing  even  though 
Illinois  was  distributing  certificates  for  free. 

“We  called  this  our  ‘IT  rationalization’”  says 
Mark  Anderson,  head  of  the  PKI  project. 
Basically  the  state  agencies  and  the  IT  depart¬ 
ment  settled  on  a  last-ditch  plan  to  centralize 
the  administration  of  PKI  at  the  CMS  level,  hav¬ 
ing  CMS  do  the  technical  work  on  behalf  of  the 
state  agencies. 

“We  centralized  the  infrastructure,  consoli¬ 
dating  the  servers  and  LANs,”  Anderson  says. 
“We  run  the  master  directory,  the  public-key 
and  revocation  list.” 

CMS  basically  took  over  technical  responsi¬ 
bility  for  issuing  digital  certificates,  delivering 
them  upon  request  to  agencies  over  the  state’s 
private-line  network. 


“Today  we’re  the  certificate  authority  says 
Kasamis  about  the  CMS  role. Illinois,  which  sub¬ 
mits  to  an  annual  “eValidate”  audit  by  Deloitte 
&  Touche  required  by  the  state’s  e-commerce 
PKI  law,  keeps  the  root  keys  on  a  server  locked 
in  an  isolated  room  in  the  Springfield,  Ill.,  data 
center.  Illinois  also  stores  what  it  calls  the  sig¬ 
nature  blob  of  all  digitally  signed  content, 
which  provides  proof,  if  that’s  ever  needed,  of 
what  user  certificate  signed  what  content. 

That  process  has  worked  to  salvage  the  PKI 
project  from  failure.  While  Illinois  is  far  from 
reaching  that  million-certificate  milestone 
once  envisioned  by  Ryan,  today  the  state  has 
issued  more  than  107,000  digital  certificates  on 
behalf  of  state  agencies,  universities  and  law 
enforcement  to  distribute  to  individuals  doing 
business  with  them. 

Most  of  these  are  regular  certificates  in  which 
an  individual  only  has  to  present  an  Illinois  dri¬ 
ver’s  license  to  obtain  one.  But  in  the  first-level 
system  of  certificates  that’s  been  set  up,  some 
are  high-assurance,  requiring  fingerprinting 
and  a  background  check. 

“The  first-level  certificates  would  be  used 
with  our  Web-based  interface  to  validate  a  dri¬ 
ver’s  license,  for  example,”  Kasamis  says.  Other 
applications  include  Medicaid  providers  locat¬ 
ing  client  benefit  information  online,  and 
water-treatment  facilities  that  submit  waste¬ 
water-discharge  monitoring  reports  with  the 


Illinois  Environmental  Protection  Agency 
(EPA)  using  PKI. 

“Protection  of  information  is  very  important 
so  the  encryption  and  signing  is  important  to 
us,”  says  Illinois  EPA  Director  Doug  Scott  about 
digital  certificates. 

The  EPAs  Web-based  application  for  filing 
forms  and  signing  them  with  a  digital  certifi¬ 
cate  offers  an  alternative  to  filling  out  paper 
ones  and  faxing  or  mailing  them  in,  Scott  says. 
Slightly  less  than  half  of  the  EPAs  documents 
are  submitted  electronically  with  digital  signa¬ 
tures  now,  he  says. 

To  encourage  more  electronic  filing,  the  EPA 
recently  gave  out  $500  to  100  people  random¬ 
ly  selected  from  among  those  who  do  business 
with  the  EPA  to  get  them  to  use  computer 
resources  to  file  electronically 

Digitally  signed  files  have  proven  a  boon  to 
the  EPA  because  the  information  on  waste- 
water,  such  as  estimated  flow,  tends  to  be  more 
accurate  when  submitted  over  the  Web  than 
that  mailed  into  the  EPA  in  paper  form. 

“In  terms  of  the  accuracy  of  the  informa¬ 
tion,  the  computer  has  estimated  flows,  and  if 
the  flow  is  listed  much  higher  than  anticipat¬ 
ed,  the  computer  will  flag  it  there  online,” 
Scott  says.  Because  the  Illinois  EPA  shares  its 
data  with  the  federal  EPA,  Illinois  checked  to 
make  sure  there  was  no  problem  with  digital- 
certificate-based  filing.® 
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>399.  "  2-yr.  price  less  $100  advanced  device  credit, 
less  $100  mail-in  rebate  =  '199  w  with  new  2-yr. 
activation  on  any  voice  plan  of  S39.'H  monthly  access 
or  higher  and  a  data  feature  of  '  44.  "  monthly  access, 
or  on  any  new  Voice  and  Data  Choice  Bundle  plan 
of  79. "  monthly  access  or  higher. 


Verizon  Wireless  introduces  the  BlackBerry"  8830  World  Edition.  It's  the  first  CDMA  World  Edition  smartphone 
capable  of  roaming  globally  on  GSM/GPRS  networks.  Work  domestically  or  internationally,  with  access  to  email, 
phone,  Internet  and  expanded  memory  capability.  Join  forces  with  America's  most  reliable  wireless  broadband 
network  in  enabling  your  employees  to  work  from  just  about  anywhere.  i  ^ 
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Microsoft  maintenance  program  fails 


BY  JEREMY  KIRK,  IDG  NEWS  SERVICE 

IT  procurement  managers  are  finding  that 
Microsoft’s  Software  Assurance  maintenance 
program  may  not  save  them  money  as  hoped, 
according  to  a  survey  released  last  week  by 
Forrester  Research. 

The  Microsoft  program  guarantees  updates 
to  new  products  along  with  support  and 
training  tools.  One  of  the  most  compelling 
reasons  to  buy  Software  Assurance  was  free 
upgrades  from,  for  example,  Windows  XP  to 
Windows  Vista. 

But  Microsoft  hasn’t  stuck  to  a  consistent  re 
lease  schedule,  which  can  mean  the  program 
could  cost  companies  more  money  than  sim¬ 
ply  buying  new  licenses  as  needed,  accord¬ 
ing  to  the  four-page  Forrester  report,  written 
by  Julie  Giera,  a  vice  president  at  the 
research  firm. 

For  desktops,  Software  Assurance  is  29%  the 
cost  of  an  annual  license.  If  Microsoft  goes  at 
least  four  years  between  releases  —  the  com¬ 
pany  went  about  five  between  XP  and  Vista  re 
leases  —  the  cost  of  Software  Assurance  works 


**The  uncertainty  regarding 
product  releases  makes  it 
difficult ...  to  justify  a  three- 
year  SA  renewal.55 

Julie  Giera 

a  vice  president  at  Forrester 

out  to  116%  of  a  new  desktop  license,  Giera 
wrote.  For  servers,  Software  Assurance  is  about 
25%  the  annual  cost  of  a  license. 

“The  uncertainty  regarding  product  releases 
makes  it  difficult  for  IT  procurement  and 
sourcing  professionals  to  justify  a  three-year 
SA  renewal,”  the  report  said. 

Microsoft  has  not  yet  published  a  road  map 
for  products  released  since  November  2006, 
such  as  Windows  Vista,  Office  2007,ShareFbint 
2007  and  Exchange  2007. 

Of  63  IT  procurement  professionals  Forrester 
surveyed,  86%  said  their  licensing  arrange¬ 
ment  with  Microsoft  will  expire  this  year. 


Twenty-six  percent  said  they  will  not  renew 
Software  Assurance,  with  31%  still  undecided. 
Another  18%  said  they  would  renew  for  some 
products,  with  the  remainder  saying  they 
would  probably  or  definitely  renew. 

About  74%  of  those  who  said  they  would  not 
buy  the  same  amount  of  Software  Assurance 
maintenance  said  the  economics  did  not 
make  sense,  and  59%  said  they  did  not  expect 
to  get  a  new  product  release. 

Forrester  is  advising  companies  to  negotiate 
early  with  Microsoft  and  hold  out  for  better 
deals.  “Discounts  in  the  7%  to  15%  range, 
depending  on  your  size  and  level  of  spending, 
should  be  the  foundation  of  any  renewal  dis¬ 
cussion,”  the  report  said. 

Companies  should  also  simply  do  the  math. 
“This  sounds  like  common  sense,  but  we’re 
continually  surprised  by  the  number  of  com¬ 
panies  that  don’t  take  the  time  to  conduct  a 
financial  analysis  of  the  costs  and  benefits  of 
SA,”  Forrester  said. 

Microsoft  could  not  be  reached  for  immedi¬ 
ate  comment.  ■ 


FCC  ignores  100  years  of  wisdom 


NET  INSIDER 

Scott  Bradner 


Decision  on  software 
radio  fails  security  101 

French  cryptographer  Auguste  Kerckhoffs  pub¬ 
lished  a  set  of  six  design  principles  for  military 
encryption  systems.  The  second  of  these  princi¬ 
ples  is  generally  known  today  under  the  obser¬ 
vation  that  security  through  obscurity  is  not 
security  The  FCC  seems  not  to  have  read  the  his¬ 
tory  books  or  to  be  aware  of  how  its  sister  feder¬ 
al  agencies  develop  security  standards. 

In  a  common  English  translation,  Kerckhoffs’  second  principle 
says  that  a  secure  crypto  system  “must  not  be  required  to  be  secret, 
and  it  must  be  able  to  fall  into  the  hands  of  the  enemy  without 
inconvenience.” 

There  are  many  reasons  for  this.  They  range  from  the  catastrophic 
results  in  the  case  of  a  breach  that  exposes  a  weakness  to  the  reduced 
chance  of  a  weakness  if  many  eyes  look  at  a  system  before  it  is 
deployed.  The  latter  is  the  primary  reason  that  the  federal  National 
Institute  of  Standards  and  Technology  (NIST)  conducts  public  con¬ 
tests  for  new  encryption  standards.  Security  expert  Bruce  Schneier 
published  a  very  good  essay  on  this  topic  a  few  years  ago 
(www.nwdocfinder.com/9537). 

The  FCC  has  just  decided  that  obscurity  is  bet¬ 
ter  than  security  when  it  comes  to  software 
radios. 

Specifically,  it  said  “manufacturers  should  not 
intentionally  make  the  distinctive  elements  that 
implement  that  manufacturer’s  particular  secu¬ 
rity  measures  in  a  software  defined  radio  pub¬ 
lic”  if  that  would  help  circumvent  FCC  rules. 

Because  no  manufacturer  will  want  to  prove 
that  public  disclosure  will  not  cause  such  a  risk, 
they  are  being  told  to  keep  the  code  secret. 

On  one  hand,  this  is  like  saying  that  manufac¬ 
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turers  should  keep  circuit  diagrams  of  old  radios  secret  so  that  someone 
would  not  know  where  to  solder  in  a  resistor  to  change  the  output 
strength.  And  on  the  other,  it’s  pretending  that  hidden  code  somehow 
will  be  hackproof. 

In  the  same  decision  the  FCC  made  it  clear  that  open  source  software 
is  in  the  FCC  doghouse:  “A  system  that  is  wholly  dependent  on  open 
source  elements  will  have  a  high  burden  to  demonstrate  that  it  is  suffi¬ 
ciently  secure  to  warrant  authorization  as  a  software  defined  radio.”  This 
is  a  message  that  I  am  sure  was  well  received  in  Redmond,  but  a  mes¬ 
sage  that  demonstrated  bias  rather  than  analysis  on  the  part  of  the  FCC. 

The  Software  Defined  Radio  (SDR)  Forum  politely  responded  that  the 
FCC  did  not  know  what  it  was  doing  and  asked  it  to  get  a  clue 
(www.nwdocfinder.com/9538). 

With  this  decision,  the  FCC  reinforces  my  decade-old  suspicion  that 
clues  just  do  not  like  hanging  around  Washington,  D.C.  (Postman:  Read 
that  Letter!  www.nwdocfinder.com/9539). 

It  is  not  at  all  sure  that  the  SDR  Forum  or  anyone  else  can  find  clues 
that  are  willing  to  undertake  the  mission  of  breaking  down  the  mental 
barriers  protecting  the  FCC  from  the  knowledge  of  the  past  or  from  the 
technologies  and  business  models  of  the  future,  but  stranger  things  have 
happened.  For  example,  the  last  time  the  FCC  tried  to  make  rules  about 
software  the  courts  force-fed  them  the  clue  that  this  was  not  the  FCC’s 
job.  (See  Broadcast  flag:  Protecting  the  past  at  www.nwdocfinder. 

com/9540). 

It  just  might  be  that  a  court  will  tell  the  FCC 
the  obvious  —  that  the  design  of  secure  sys¬ 
tems  is  not  one  of  the  FCC’s  missions  (or 
competences). 

Disclaimer:  “Harvard”  and  “clue”  have  been 
associated  more  often  than  “Harvard  and  clue¬ 
less,”  but  this  exploration  of  clue  locale  is  my 
own,  not  one  from  the  university 


Bradner  is  Harvard  University's  technology 
security  officer.  He  can  be  reached  at 
sob@sobco.com. 
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TECH  UPDATE 

■  An  inside  look  at  technologies  and  standards 

Bottomless  e-mail  storage 


BY  VICTOR  CHANG 

With  e-mail  the  dominant  enterprise  communication  vehicle  — 
used  for  everything  from  simple  notes  to  purchase  orders,  con¬ 
tracts,  invoices  and  other  critical  business  documents  —  manag¬ 
ing  swelling  message  stores  has  become  a  primary  concern. 


But  today’s  most  commonly  deployed  enter¬ 
prise  e-mail  servers  store  data  using  database 
architectures  that  perform  large  numbers  of 
separate  I/O  operations  to  complete  a  single 
transaction.  To  meet  the  demands,  organiza¬ 
tions  typically  add  costly,  dedicated  storage 
and  strictly  limit  individual  storage  capacity 

Open  e-mail  servers,  however,  enable  a  new, 
open  messaging-storage  process  based  on  less 
expensive,  modern  filing  systems  that  over¬ 
come  the  limitations  of  database  architectures 
and  improve  overall  performance.  File-based 
storage  lets  these  e-mail  systems  scale  cost- 
effectively  and  decreases  system-management 
complexity  and  administration  overhead. This 
flexible  approach  simplifies  the  storage  model 
and  lets  mailboxes  (potentially  bottomless) 
grow  to  sizes  that  are  more  conducive  to  the 
way  employees  use  e-mail. 

Performance  issues 

Modern  Linux  filing  systems,  such  as  XFS 
and  Ext3,  are  fast,  flexible,  reliable  and  effi¬ 
cient.  These  systems,  for  example,  support 
such  features  as  journaling,  which  is  used  in 
playback  of  operations  following  a  power  cut, 
and  semi-offline  storage,  which  allows  low- 
cost  storage  for  rarely  accessed  files.  Linux  fil¬ 
ing  systems  also  support  clustering,  letting 
enterprises  build  file-system  clusters  to  sup¬ 
port  any  level  of  file-system  reliability 

Leveraging  a  f debased  email  store  offers  sig¬ 
nificant  performance  improvements  and 
potential  cost  savings  because  the  file  system 
does  not  require  multiple  read/write  com¬ 
mands  between  the  email  and  the  storage 
subsystem.  Performance  is  improved  and  cost 
savings  come  from  using  less  expensive  com¬ 
modity-storage  systems  that  let  IT  provide 
much  larger  mailboxes  economically  A  file 
system  approach  addresses: 

•  Storage  for  large  data  objects.  Open  email 
server  systems  can  employ  singleinstance 
storage  at  the  file-system  level  for  large  data 
objects  attached  to  messages  —  or  even  for 
large  email  bodies.  Each  large  object  can  be 
put  into  a  separate  file  that  can  be  linked  to 
from  multiple  places. 

•  Backup  operations.  Using  a  file-based 
storage  system  for  backup  operations  is  sim¬ 
ple,  live  (no  freeze  or  snapshot  step  is 
required),  incremental,  and  detailed  down 
to  the  message  (file)  level. This  makes  back¬ 


ing  up  the  mail  store  as  simple  as  backing 
up  a  file  server.  Additionally,  file-server  back¬ 
up  allows  incremental  backups  (backing  up 
just  messages  that  have  changed  since  the 
previous  day)  with  industry-standard  back¬ 
up  tools.  And  administrators  can  make  mail¬ 
boxes  significantly  larger  as  a  result  of  back¬ 
up  time  being  eliminated. 

•  Restoration.  Backup  records  let  enterpris¬ 
es  easily  restore  records  that  are  accidentally 
lost  or  deleted,  or  that  are  required  for  compli¬ 
ance  or  other  regulatory  purposes.The  file  sys¬ 
tem’s  “one  file  per  message”  architecture  sim¬ 
plifies  restoration  because  it  has  no  database 
synchronization  issues.  This  allows  a  detailed 
restoration;  IT  can  restore  a  single  message  by 
restoring  a  single  file,  a  folder  by  restoring  a 
folder,  a  user  by  restoring  that  user’s  folder  and 
subfolders,  or  the  whole  store  by  restoring  the 
folder  tree  that  contains  all  the  users  —  with¬ 
out  worrying  about  synchronizing  the  live 
database  with  the  backup. 

•  Database  corruption.  File-based  storage 


eliminates  the  problem  of  database  corrup¬ 
tion,  because  it  has  no  intermediate  database 
that  can  fragment  or  become  corrupted.  Each 
user  has  an  individual  folder  within  the  store; 
each  folder  contains  subfolders  correspond¬ 
ing  to  the  calendar,  in-box  and  other  e-mail 
functions.  Each  message  in  a  subfolder  is  rep¬ 
resented  by  a  file.  With  “one  file  per  message” 
any  corruption  that  occurs  from  a  disk  mal¬ 
function  or  within  the  store  is  limited  to  a  sin¬ 
gle  file  and  will  not  spread  to  where  it  can 
crash  the  entire  system  over  time. 

•  Disaster  recovery.  Disaster  recovery  of  an 
e-mail  message  store  also  is  faster  and  simpler 
with  a  file-system  architecture  because  it  pro¬ 
vides  an  easy  way  to  build  low-cost  server  clus¬ 
ters  (an  active  and  passive  pair  of  servers  in 
front  of  the  file  system)  that  dramatically 
improves  disaster  recovery  by  eliminating 
database-synchronization  issues. 

All  the  advantages  of  file-based  storage  sys¬ 
tems  add  up  to  a  powerful  new  way  for  enter¬ 
prises  to  bring  the  capabilities  of  their  e-mail 
system  in  line  with  the  needs  of  their  e-mail 
users.  Users  get  all  the  storage  they  need,  and 
enterprises  gain  a  far  easier,  more  cost- 
effective  method  to  handle  e-mail  storage. 

Chang,  vice  president  of  engineering  at 
PostPath,  can  be  reached  at  vchang@post 
path.com. 


Simple  file-based  e-mail  store 


The  file  system  represents  a  simpler  approach  for  e-mail  storage  than  the 
traditional  database  model,  which  involves  using  a  complex  set  of  rules  to 
keep  track  of  relationships  between  entries. 


The  file-system  storage  model  provides  each 
user  with  his  own  folder,  each  containing  sub¬ 
folders  corresponding  to  calendar,  in-box,  etc. 


User  1 


3 


E-mail  store 


Each  message  in  the  subfolder  is  represented 
by  a  single  file,  and  large  attachments  are 
stored  once  in  a  common  data  store.This  allows 
for  single-instance  storage,  reliable  clustering, 
and  simplified  backup  and  restoration. 
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CD  fingerprints 


Following  my  discussion  a  few  weeks  ago 
about  a  suite  of  CD/DVD  tools  called 
Virtual  CD,  reader  Tim  Cary  who  hails  “from 
out  in  the  beautiful  western  part  of  [Massachu¬ 
setts]  . . .  Easthampton,”  wrote:“I  was  particularly 
intrigued  by  the  fact  that  after  ripping  to  the 
MP3  format  in  WinAmp,  it  would  read  the  song 
info  and  fill  in  the  headers.” Cary  wondered  how  this  worked  so  . .  .there 
are  two  ways  to  figure  out  what  is  on  a  CD:  fingerprinting  and  CD  text. 

Fingerprinting,  the  more  common  method  (which  used  to  be 
known  as  CDDB)  is  used  by  the  commercial  CD-identifying  service 
offered  by  Gracenote  (www.nwdocfinder.com/9541)  and  two  free  CD 
databases:  Freedb  (www.freedb.org)  and  Tracktype.org  (www.nwdoc 
finder.com/9542). 

The  fingerprint  of  a  CD,  called  the  CDDB  ID,  is  an  almost  unique  value 
— “almost”  because  it  is  possible  for  two  (or  more)  compact  disks  to  have 
the  same  fingerprint.  Freedb  explains:“The  disc  ID  ...  is  not  as  good  as  it 
could  be  —  in  fact,  it  is  pretty  bad  as  a  unique  identifier  for  a  CD. 
Therefore,  completely  different  CDs  (with  the  same  length  in  seconds 
and  the  same  [number  of  tracks])  can  have  the  same  disc  ID  . .  ..This  disc 
ID  algorithm  and  the  cddb  protocol  can  unfortunately  not  be  changed 
without  losing  backward  compatibility  to  existing  applications.” 

According  to  Wikipedia,  the  CDDB  ID  “identifies  CDs  with  a  32-bit 
number,  usually  displayed  as  a  hexadecimal  number  containing  eight 
digits:  XXYYYYZZ.The  first  two  digits  (labeled  XX)  represent  a  check¬ 
sum  based  on  the  starting  times  of  each  track  on  the  CD. The  next  four 
digits  (YYYY)  represent  the  total  time  of  the  CD  in  seconds  from  the 
start  of  the  first  track  to  the  end  of  the  last  track.The  last  two  digits  (ZZ) 
represent  the  number  of  tracks  on  the  CD.” 


Actually,  that  description  was  for  the  old  CDDB1  service,  the  free 
version  of  the  Gracenote  database,  which  was  shut  down  in  2001.  As 
far  as  1  can  determine  the  IDs  in  the  “new”  Gracenote  database  are 
formed  using  the  same  algorithm,  but  the  old  access  protocol,  also 
called  CDDB  1,  has  been  changed  by  Gracenote  and  is  not  backward 
compatible. 

If  you  feel  inspired, you  can  examine  an  example  of  Perl  code  that  per¬ 
forms  the  CDDB1  calculation  at  www.nwdocfinder.com/9543  or  a  Java 
version  at  www.nwdocfinder.com/9544. 

The  free  services  both  support  the  CDDB1  ID  format  and,  like  Grace- 
note,  support  access  via  an  HTTP  form  (unique  to  each  service),  but 
unlike  Gracenote  support  the  CDDB1  protocol  (www.nwdocfinder. 
com/9545)  —  Gracenote  uses  a  proprietary  version  for  commercial 
reasons.  Note  that  Gracenote  also  keeps  the  CDDB  IDs  hidden  while 
freedb  and  tracktype  both  display  the  ID  and  allow  you  to  search  by  it. 

Just  in  case  you  were  asking  yourself, “Self,  I  wonder  what  the  ID  is  for 
Led  Zeppelin’s ‘Led  Zeppelin  III,’”  the  answer  is  7fl0d60a. 

WinAmp,  in  common  with  many  other  music-management  applica¬ 
tions,  figures  out  the  CDDB  ID  when  it  reads  a  CD  and  then  automati¬ 
cally  looks  it  up,  using  whichever  CD  database  you’ve  configured  it  for. 
Thus,  when  you  rip  a  CD,  WinAmp  can  fill  in  the  MP3  header  tags. 

Actually,  depending  on  which  service  you  use,  you  will  occasionally 
get  multiple  matches  in  which  users  have  disagreed  on  the  details  of  a 
CD  or  in  which,  as  I  pointed  out  earlier,  two  or  more  CDs  have  the  same 
fingerprint.  WinAmp  will  ask  you  to  choose  which  you  think  is  the  cor¬ 
rect  version  for  your  CD. 

Next  week,  CD  Text.  Until  then,  sing  like  a  Byrd  to  Gearhead  at  gear 
head@gibbs.  com. 


GEARHEAD 


Mark  Gibbs 


Wireless  system  not  practical 


COOLTOOLS 


he  people  have  spoken!  After  an  onslaught 
of  encouraging  e-mails  (I  never  realized 
my  column  could  cure  dog  polio,  but  one 
reader  said  it  did  that  and  saved  his  marriage), 
Cool  Tools  has  returned  to  the  print  publica- 
tion.You  can  all  put  your  pitchforks  and  torches 
away  and  enjoy  more  Cool  Tools  goodness. 

The  scoop:  Soundmaster  Wireless  Speaker 
System,  by  Excalibur  Electronics, 
about  $100.  Available  at  www.nwdocfinder.com/9529  or  from 
Hammacher  Schlemmer. 

What  it  is:  The  Soundmaster  Wireless  Speaker  System  lets 
you  stream  music  from  an  iPod  wirelessly  to  a  speaker  box 
over  the  2.4GHz  frequency  (up  to  150  feet  away). 

The  speaker  part  of  the  system  is  a  wireless 
receiver,  and  includes  an  AM/FM  radio,  an 
alarm  clock  and  an  auxiliary  input  jack  (in 
case  you  want  to  use  the  device  as  portable 
speakers  for  other  music  devices  with  auxil¬ 
iary  audio  outputs). The  transmitter  is  an  iPod 
docking  base  that  can  also  recharge  the  iPod 
in  addition  to  streaming  the  music  content  to 
the  speakers. 

Why  it’s  cool:  This  is  a  nice  alternative  to 
iPod  speaker  systems/docking  stations  where 
the  iPbd  is  attached  to  the  portable  speakers. 

If  you’re  looking  to  place  the  speakers  in  a  different  location  from 
where  your  iPod  is,  the  wireless  capabilities  of  the  Soundmaster  system 
let  you  do  this. 

Some  caveats:  Oddly,  1  couldn’t  think  of  any  practical  scenarios  in 


The  Soundmaster  Wireless  Speaker 
System  was  cool,  but  why  would  you 
need  it? 


which  you  would  want  or  need  the  speakers  separate  from  the  iPod.The 
speakers  are  water-resistant,  so  putting  the  speakers  outdoors,  or  in  a 
kitchen  or  bathroom  would  mean  you  could  protect  your  iPod  from 
water  splashing  onto  the  system,  but  it  seems  odd  that  you’d  need  to 
spend  $100  just  for  that  feature. 

The  separation  of  the  iPod  from  the  wireless  speakers  makes  it  more 
difficult  to  do  simple  things  like  switch  songs  and  adjust  the  volume,  for 
example. To  switch  songs  you’d  have  to  be  near  the  iPod,  and  to  adjust 

the  volume  you’d  have  to  be  near  the 
speakers.  The  2.4GHz  frequency  also 
means  that  you  could  face  some  wireless 
interference  issues  with  cordless  phones, 
microwave  ovens  or  other  devices  that 
share  the  same  frequency 
In  addition,  the  clock  setting  on  the 
speakers  only  displayed  time  in  24-hour 
mode,  which  meant  I  had  to  remember 
that  14:47  was  2:47  p.m.The  addition  of  an 
auxiliary  port  is  nice  for  attaching  other 
non-iPod  music  devices  to  the  system,  but 
you  can’t  do  this  wirelessly  as  the  small 
cable  has  to  be  connected  to  the  speakers 
and  your  other  music  player. 

Grade:  ★★★★  out  of  5  stars 


We  may  be  back  in  print,  but  we’re  going 
gangbusters  online  as  well.  Cool  Tools  blog,  Twisted  Pair  podcast  and  the 
Cool  Tools  Video  Show  all  reside  online  at  www.networkworld.com.  Fire 
up  that  newfangled  computer  and  check  us  out!  Shaw  can  be  reached  at 
kshaw@nww.  com. 
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Bring  your  customers 
the  next  big  thing. 


And  the  next.  And  the  next 


And  the  next... 
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The  race  to  win  new  customers  is  more  competitive  than  ever.  How  can  cable 
companies  win?  That's  a  question  we're  helping  to  answer  at  Alcatel-Lucent. 
We  are  teaming  with  some  of  the  largest  cable  companies  in  the  world,  providing 
them  with  advanced  multi-service  aggregation  networks  so  they  can  deliver 
premium  consumer  and  business  services  to  their  customers  —  with  carrier-class 
reliability  and  unparalleled  service  velocity.  That's  video  on  demand,  high 
definition  television,  VoIP,  VPN  for  businesses  and  other  cutting-edge  services, 
all  on  the  same  network. 
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And  that's  just  part  of  the  story.  We  can  also  apply  our  expertise  as  a  leader  in 
wireless  networks  and  blended  services  to  help  you  expand  your  offering  to  next 
generation  converged  services,  giving  customers  more  reasons  than  ever  to 
choose  cable.  Whether  it's  wireless  or  wireline,  our  solutions  are  so  reliable  you  can 
offer  guaranteed  quality  of  service.  We  deliver  an  infrastructure  so  highly  scalable 
you're  ready  not  just  for  today's  challenges,  but  for  tomorrow's  breakthroughs 
as  well.  That  way,  you've  got  the  market  covered  from  every  angle. 

Because  the  world  is  always  on. 


Alcatel-Lucent.com 


Alcatel*Lucent 


©2007  Alcatel-Lucent 
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Here’s  why  you  need  a  mobility  strategy 


Last  week  we  talked  about  the  challenge 
of  too  much  choice  when  it  comes  to 
mobility. The  solution?  A  mobility  strategy 
that  defines: 

•  How,  when  and  where  to  deploy  mobility 
•  Which  user  groups  need  specific  mobile 
devices,  services  and  applications. 

•  How  mobile  devices  and  services  will  be 
secured  and  managed. 

As  always,  though,  there’s  a  “gotcha.”  In  this 
case  it’s  the  fact  that  fewer  than  40%  of  the 
companies  I  work  with  have  such  a  mobility 
strategy. 

That’s  a  problem,  because  (as  I  noted  last 
week),  mobility  is  an  expensive  budget  line-item  —  and  it’s  about 
to  get  even  more  so. 

If  you’re  one  of  the  firms  lacking  a  mobility  strategy,  start  by 
assessing  your  current  state.  How  many  carriers  do  you  have?  (If 
you’re  typical,  it’s  two  or  more.)  Which  devices  are  deployed? 

Which  applications  enabled? 

It’s  particularly  important  to  compile  your  user  profile.  Which  cat¬ 
egories  of  users  currently  use  mobile  technology,  and  which  would 
like  to?  Which  applications  do  they  have  access  to  today,  and 
which  do  they  need? 

Don’t  forget  to  assess  the  level  of  security  and  management.  For 
example,  are  all  mobile  devices  password-protected  by  default?  Can 
they  be  wiped  automatically  in  the  event  of  loss  or  theft  (to  protect 
sensitive  information)?  Do  you  have  an  asset-tracking  system  in  place 
so  you  can  tell  exactly  how  many  devices  you  have?  Don’t  worry  if  the 
answers  to  the  last  few  questions  are  no,  no  and  no.  Understanding 


your  starting  point  is  the  first  step  in  remediating  the  situation. 

Speaking  of  remediation,  your  next  step  should  be  to  figure  out 
your  goals.  Are  you  aiming  primarily  to  reduce  costs  and  complex¬ 
ity?  Increase  productivity?  Improve  performance?  Improve  function¬ 
ing?  Or  maximize  scalability?  Of  course,  in  most  organizations  the 
answer  is  “all  of  the  above” —  but  typically  they’re  in  some  sort  of 
priority  order.  For  example,  if  the  plan  is  to  increase  your  current 
100-person  rollout  to  10,000  by  the  end  of  2007,  maximizing  scala¬ 
bility  probably  is  a  top  goal. 

Once  you  have  your  current  state  and  future  goals,  you  can  begin 
to  put  in  place  the  strategy.  Here  are  some  guidelines: 

•  To  reduce  costs,  buy  in  bulk.  Have  an  explicit  goal  of  reducing 
the  number  of  carriers  as  low  as  possible  (one  or  two  is  ideal).  Limit 
the  number  of  devices  that  users  can  deploy,  and  make  it  clear 
which  users  have  the  right  to  deploy  specific  devices.  Finally  focus 
on  the  soft  costs  associated  with  asset  configuration,  deployment 
and  management.  Automate  these  as  much  as  possible. 

•  To  improve  performance  and  functioning,  push  vendors  on  their 
plans  for  capabilities,  specifically  integration  with  wireless  LANs, VoIP 
PBXs  and  key  applications.  For  example,  Research  In  Motion  recently 
announced  plans  to  move  forward  with  a  Wi-Fi-enabled  version  of  its 
popular  BlackBerry 

•  Finally,  plan  for  investment.  Mobility  will  be  a  critical  business 
enabler  for  the  next  few  years.  By  2009,  companies  that  lack  a 
mobility  strategy  will  be  as  outdated  as  companies  that  lacked  Web 
sites  in  2000. 

Johnson  is  president  and  senior  founding  partner  at  Nemertes 
Research,  an  independent  technology  research  firm.  She  can  be  reached 
at  johna@nemertes.com. 
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Johna  Till  Johnson 


Wireless  VoIP 

continued  from  page  18 

mitters  and  wiring  to  tie  the  transmitters  to  the 
PBXs. 

Other  Southwestern  facilities  were  doing  sim¬ 
ilar  integrations  using  Siemens  gear  in  con¬ 
junction  with  Spectralink. 

At  the  same  time,  the  medical  center  was 
installing  WLAN  gear  for  data  applications  on 
hospital  floors  and  in  clinics,  the  same  places 
the  900MHz  wireless  phones  were  installed. 
When  it  learned  VoIP  phones  supported  by 
Siemens  over  the  same  wireless  network 
could  replace  the  900MHz  wireless  phones, 
the  Southwestern  Medical  Center  stopped 
deploying  them  in  favor  of  VoIP 

That  required  adding  access  points  to  handle 
the  greater  load  and  upgrading  some  LAN 
infrastructure  to  support  VoIP  says  Hull.  The 
handsets  are  PBX  extensions  with  all  the  fea¬ 
tures  —  hold,  transfer,  conferencing  —  that 
wired  extensions  have. 

Southwestern  is  interested  in  technology  that 
lets  doctors  and  some  other  medical  person¬ 
nel  roam  beyond  the  campus,  but  has  no  firm 
plans  to  deploy  it  yet,  Hull  says.  The  school  is 
starting  with  deploying  Wi-Fi  access  points 
among  campus  buildings  to  allow  roaming 
outside  individual  buildings. 

Hull  says  dual-mode  phones  could  be 
attractive  that  support  wireless  VoIP  and  cel¬ 
lular  and  also  support  two  phone  numbers. 
Users  would  carry  one  device  that  would 
work  on-campus  and  off  and  could  receive 
separate  bills  for  business  and  private  calls. 


It  is  possible  to  extend  wireless  throughout  a 
business  using  single-mode  cellular  phones, 
says  Redman.  By  using  interfaces  with  corpo¬ 
rate  PBXs,  cellular-phone  carriers  can  turn  over 
call  control  to  their  business  customers,  as 
well  as  PBX  features,  such  as  hold  and  voice 
mail.  This  way  a  call  to  the  corporate  phone 
network  from  a  cell  phone  would  be  directed 
by  the  carrier  to  the  corporate  PBX. 

In  this  scenario,  there  is  no  need  for  handoffs 
between  Wi-Fi  and  cellular  networks  or  dual¬ 
mode  phones,  because  all  calls  are  delivered 
over  carrier  cell  networks. 

If  cell  services  within  corporate  buildings 
and  campuses  are  weak,  providers  can  install 
repeaters  and  other  antenna  infrastructure  to 
provide  adequate  capacity  and  coverage, 
Redman  says.  IP  phone  systems  from 
Ascendant  Systems,  Avaya  and  DiVitas  support 
this  feature. 

The  challenge  this  technology  faces  lies  in 
the  phones,  because  cell  phones  lack  the  dedi¬ 
cated  feature  buttons  that  typical  PBX  desk 


ONLINE:  Wireless  event 

Always-available  access  to  informa¬ 
tion  —  and  the  ability  to  act  on  it 
instantly,  anywhere  —  isTHE  advan¬ 
tage  in  today's  hypercompetitive  world. 
Hone  your  edge.  Join  us  at  IT 
Roadmap:  Dallas  on  Sept.  6. 

www.nwdocfinder.com/9159 


phones  have.  So  phone  makers  will  have  to 
develop  graphical  interfaces  that  display  but¬ 
tons  on  the  phone  screens  for  such  PBX  fea¬ 
tures  as  conferencing  and  call  transfer, 
Redman  says. 

The  alternative  is  pressing  number  codes 
using  phone  keypads  to  manipulate  these  fea¬ 
tures.  “But  using  short-codes  adds  complica¬ 
tions  to  using  the  features,”  Redman  says. 

Using  dual-mode  phones  offers  customers 
the  possibility  of  saving  money  by  saving  on 
cellular  minutes.  At  outdoor  retailer  Gander 
Mountain,  dual-mode  phones  could  be  a 
way  to  save  on  cellular  minutes  when  trav¬ 
eling  executives  are  at  headquarters  in  St. 
Paul,  Minn.,  or  in  stores,  says  Joe  McClung, 
senior  network  engineer  for  the  110-store 
chain. 

The  company  is  swapping  out  Colubris 
Networks  Wi-Fi  access  points  for  those  from 
Cisco,  and  that  gives  Gander  the  option  to  use 
dual  mode,  McClung  says.  In  the  meantime, 
sales  associates  in  stores  carry  single-mode 
Wi-Fi  phones  to  answer  calls  from  customers. 
Incoming  calls  roll  from  wired  phones,  to  Wi¬ 
Fi  phones  of  associates,  to  Wi-Fi  phones  of 
managers,  he  says. 

Calls  are  answered  more  reliably  with  the 
Wi-Fi  phones,  and  sales  associates  are  more 
productive,  because  they  spend  more  time 
helping  customers  or  stocking  shelves.  “The 
majority  of  associates  are  hardly  ever  at  the 
wired  phones,”  McClung  says. 

“I  find  it  very  intriguing,”  says  Southwestern’s 
Hull  about  dual-mode  phones.  “It  may  be 
where  wireless  is  moving  to.”  ■ 
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HOW  TO  EXPECT  THE  UNEXPECTED 


Quick,  take  a  snapshot.  Suddenly  part  of 
your  IT  infrastructure  is  inaccessible.  What 
happens  to  your  business? 
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SunGard’s  advanced  recovery  solutions 
help  get  you  back  up  and  running.  Fast. 

We  provide  extensive  options  to  fit  your 
exact  requirements,  from  tape  or  disk 
backup,  to  data  replication,  mirroring, 
hotsites,  mobile  solutions  and  more. 

Meet  your  objectives  with  confidence. 

For  over  28  years,  through  2,100  recovery 
situations,  we’ve  delivered  a  100%  success 
rate.  With  solutions  that  achieve  precise 
recovery  timeframes,  locations  and 
data  points. 

And  you  can  maintain  that  control  as  your 
business  evolves.  With  access  to  some 
of  the  most  extensive  data,  system  and 
network  resources  available  anywhere. 
Reach  higher  levels  of  information 
Availability,  at  a  fraction  of  the  cost  of 
building  the  infrastructure  yourself. 

The  right  solution  for  today.  Strong 
preparation  for  tomorrow.  Let  SunGard 
show  you  how  to  expect  the  unexpected. 
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EMC’s  makeover  shifts  from  acquisition  to  execution  phase 

BY  JOHN  S.  WEBSTER 


ince  2003,  when  EMC  launched  its  transformation  from  a 
simple  hardware  storage  vendor  to  a  multifaceted  information- 
infrastructure  provider,  it  has  racked  up  15  straight  quarters  of 
double-digit  revenue  growth  and  strong  profits. 


However,  the  company’s  stock  price  has  been  essentially  flat 
over  that  period,  an  indication  that  for  Wall  Street  at  least,  the  jury 
is  still  out  on  whether  EMC  can  deliver  on  its  grand  vision  of 
information  management. 

Customers  and  industry  analysts  agree  that  the  company  has 
made  great  strides  over  the  past  few  years  in  laying  out  its  strategy 
and  in  making  key  acquisitions  aimed  at  filling  out  its  portfolio. 

But  they  also  agree  that  EMC  still  has  work  to  do.  Specifically 
the  company  needs  to: 

•  Integrate  its  many  acquisitions  into  a  coherent  product  line. 

•  Project  a  clear  marketing  message  to  customers  and 
shareholders  alike. 

•  Retain  the  high  regard  it  has  from  customers  by  making  it 
easy  for  them  to  buy  products  and  get  service  and  support  across 
product  lines. 

•  Deliver  more  profits. 

Integration 

Since  its  buying  binge  began  with  the  acquisition  of  backup 
vendor  Legato  in  2003,  EMC  has  pieced  together  components 
that  will  help  its  customers  not  only  store  data,  but  manage  and 
secure  enterprise  data  no  matter  where  it  resides  on  the  network. 

In  addition  to  Legato,  EMC  has  snapped  up  security  vendors 
RSA  Security,  Network  Intelligence  and  Authentica,  virtualization 
players  VMware  and  Rainfinity,  content-management  providers 
Documentum  and  Acartus,  and  management  vendors 
ProActivity  and  Smarts.  All  told,  EMC  has  spent  $7  billion  to  get 
more  than  20  companies. 

This  dizzying  pace  has  some  customers  wary.  “It  concerns  me 
that  so  much  acquisition  will  eventually  cause  integration  diffi¬ 
culties  for  us,”  says  Ann-Marie  Horcher,  senior  groupware  special¬ 
ist  at  Dow  Corning  Corp.  in  Midland,  Mich.  She  currently  rises 
VMware  and  Documentum. “You  can't  expect  everything  po  play 
together  nicelyf  she  says. 

EMC  appears  to  be  on  the  same  page  as  its  customer*;  when  it 
comes  to  the  integration  issue.  The  company  hasnjr made  any 
major  acquisitions  this  year  and  Mark  Lewis,  executive  vice  pres- 
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ident  and  chief  development  officer,  says  the  buying  spree  is,  for 
the  most  part,  over. 

“Were  phenomenally  well  positioned  with  the  assets  we’ve 
built  internally  and  those  we’ve  acquired  over  the  last  several 
years.  Aside  from  smaller  technology  ‘tuck-in’  acquisitions,  there 
are  no  large  deals  on  the  drawing  board,”  Lewis  says.  (EMC  did 
make  one  of  those  tuck-ins  in  early  June,  when  its  RSA  division 
picked  up  tiny  identity-verification  services  vendor  Verid.) 

“Integration  of  all  this  technology,  woven  together  in  a 
seamless  orchestration  —  what  we  refer  to  as  informa¬ 
tion  infrastructure  —  is  our  strategic  move,  and  will 
steer  the  way  for  the  future  of  information  man¬ 
agement,”  he  adds. 

Integration  is  no  small  challenge,  but  EMC  has 
made  announcements  indicating  that  it  is  a  top 
priority.  For  example,  at  its  May  user  group  meet¬ 
ing,  the  company  announced  that  by  year-end  it 
will  begin  delivering  a  common  platform  for 
managing  the  company’s  myriad  storage  lines. 

Marketing 

On  paper,  EMC  has  been  successful  in  transi¬ 
tioning  from  its  core  storage  hardware  business, 
which  is  becoming  more  of  a  commodity,  into 
faster-growing  and  higher-margin  software  and 
services. 

“In  2001,  up  to  three  of  every  four  dollars  in 
revenue  were  from  hardware  sales,”  says 
Brian  Freed,  an  analyst  at  Morgan  Keegan  & 

Co.  In  2006,  software  and  services  ac¬ 
counted  for  about  52%  of  EMC’s  business, 
compared  with  48%  for  hardware. 

Ultimately,  however,  success  involves 
more  than  just  adding  new  software  rev¬ 
enue  streams  from  acquired  compa¬ 
nies.  EMC  has  to  sell  its  vision  of 
information  management  and 
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IT  COMES  TO  LARGE  SCALE  ARRAYS  AND 
WE  LOVED  THEIR  SUPPORT.  AS  WE  BECOME 
AWARE  OF  NEW  SOFTWARE  PRODUCTS 
THEY’RE  BEGINNING  TO  OFFER,  WE’LL  TAKE 
A  SERIOUS  LOOK  AT  THEM.# 


KENNETH  DEANS,  vice  president  and  CIO 
Bassett  Healthcare,  Cooperstown,  N.Y. 
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demonstrate  how  the  recently  acquired  software  technology  fits  into 
the  company’s  existing  product  lineup. 

Since  2003,  EMC  has  led  the  industry  in  promoting  the  concept  of 
information  life-cycle  management  (ILM). These  days  the  term  1LM  is 
taking  a  back  seat  to  the  concept  of  information  management,  a 
broader  concept  that  ecompasses  not  only  managing  data  through 
its  life  cycle,  but  also  protecting  and  securing  it. 

For  some  customers,  the  message  remains  murky.  “Their  new  mar¬ 
keting  strategy  is  not  clear  to  me,”  says  Chris  Carter,  director  of  enter¬ 
prise  technology  services  at  PPL  Corp.,an  electricity-generation  com¬ 
pany  in  Allentown,  Pa. “They  have  the  IT  mind-share  in  storage  hard¬ 
ware,  but  the  big  question  is  can  they  gain  mind-share  in  the  virtual¬ 
ization  market,  with  VMware  and  other  markets.” 

Carter  says  he  wonders  where  Documentum,  Smarts,  RSA  and  other 
recently  acquired  technologies  fit  into  EMC’s  overall  product  plans. 
“EMC  has  a  credible  story,  and  when  they  do  articulate  it,  they’re  suc¬ 
cessful.  If  they  can  say, ‘Storage  is  about  infrastructure, but  information 
is  about  business’  as  a  way  to  break  out  of  the  core  storage  view  that 
people  have  of  them,  they’ll  be  successful,”  Carter  says. 

But  Carter  says  he  isn’t  ready  to  entrust  EMC  with  all  of  his  infor¬ 
mation-infrastructure  needs. “It  would  be  a  leap  of  faith  —  one  that  I 
don’t  have  yet  —  to  say  that  EMC  has  done  so  well  with  storage  that 
they’ll  be  equally  good  with  information  security.  Just  because 
they’ve  been  good  at  spinning  disks  doesn’t  imply  that  they  can  also 
be  our  only  infrastructure  management  vendor,”  he  says. 

Sales,  service,  support 

EMC  faces  another  challenge  when  it  comes  to  the  basic  blocking 
and  tackling  of  sales,  service  and  support. 

“Against  their  peers,  they  have  the  advantage  of  being  focused  on  stor¬ 
age.  But  one  area  they  need  to  move  up  in  is  the  services  side  of  the 
organization,”  Freed  says. “IBM  and  HP  are  very  established  from  a  serv¬ 
ices  standpoint.The  acquisitions  have  expanded  EMC’s  technology  and 
they  have  to  build  that  out  to  their  services  organization.” 

That’s  what  Horcher  is  hoping  for  with  her  Documentum  and  VMware 
products.“If  they  assume  most  of  the  integration  burden,  we  don’t  have 
to  spend  as  much  time  developing  software  links  between  applications 
—  they’ll  do  standard  integration,  and  we  can  customize  it  further” 


Brian  Babineau,an  analyst  at  the  Enterprise  Strategy  Group,  cautions, 
“Integrating  all  the  companies  and  becoming  more  efficient  at  getting 
into  new  markets  can  be  expensive  at  the  field  level,  where  you  might 
need  multiple  offices,  and  that  can  impact  business  metrics." 

On  the  plus  side,  if  EMC  can  successfully  bring  the  new  technolo¬ 
gies  into  the  fold  and  convince  users  that  it  will  continue  to  offer  the 
same  support  and  technical  help,  it  will  have  an  opportunity  to  sell 
acquired  software  to  satisfied  existing  customers. 

“It  will  be  challenging  for  them,”  says  Kevin  Westover,  a  systems  engi¬ 
neer  at  NuSkin  Enterprises,  in  Provo,  Utah.  NuSkin  has  invested  $10  mil¬ 
lion  in  EMC’s  Symmetrix  storage  platform,  including  TimeFinder  storage 
replication  and  ControlCenter  storage  resource-management  software. 

But  Westover  adds  that  EMC  is  capable  of  rising  to  that  challenge. 
“We’ve  dealt  with  their  software  people  in  their  professional  services 
group  when  we’ve  installed  software  related  to  Symmetrix  systems. 
We’ve  had  good  experiences  with  the  software-support  side.  From 
what  I’ve  seen  and  heard,  if  they  can  somehow  leverage  their  hard¬ 
ware  with  the  software  they  are  acquiring,  integrate  that  and  say, ‘We 
have  great  hardware,  and  all  this  software  works  with  our  hardware’ 
they  should  succeed.” 

EMC’s  Lewis  hopes  to  lay  those  worries  to  rest. “We  appreciate  and 
understand  customer  concern.  EMC  has  been  very  successful  at 
acquiring  technology,  and  it’s  a  track  record  we’re  proud  of,  in  terms 
of  not  only  what  we’ve  done,  but  how  we’ve  done  it.  In  acquisition 
through  acquisition,  some  of  which  might  be  different  technology 
than  EMC’s,  we  did  need  to  retrain  the  sales  force,  while  not  breaking 
what  we  bought,”  Lewis  says. 

At  Johns  Hopkins  University’s  Applied  Physics  Lab  (APL)  in  Balti¬ 
more,  EMC’s  support  group  has  already  proven  itself. The  APL  imple¬ 
mented  Rainfinity  file-virtualization  software  just  months  after  EMC 
bought  the  company  in  2005,  and  EMC’s  support  has  remained  strong 
for  the  new  product. 

“They  haven’t  been  too  distracted  yet  by  all  the  acquisitions. We  still 
have  contacts  at  Rainfinity  that  I  can  get  hold  of. We’ve  had  problems, 
and  they  got  them  done  quickly.  Now,  Rainfinity’s  service  number  is 
the  same  as  the  main  call  center,  which  I  was  always  a  fan  of.  If  you 
need  to  talk  to  someone,  you  can  get  them  on  the  phone  within  15 

See  EMC,  page  36 


Buying  binge 

Since  2003,  EMC  has  spent  an  estimated  $7B  on  acquisitions. 


Date 

Company 

Technology 

Price 

June  2007 

Verid 

Identity  services 

n/a 

November  2006 

Avamar 

Backup  and  recovery 

$165M 

September 

Network  Intelligence 

Security 

$175M 

2006 

RSA  Security 

Security 

$2.1  B 

September 

ProActivity 

Business  process  management 

n/a 

2006 

n Layers 

Application  discovery  and  mapping 

n/a 

June  2006 

Akimbi  Systems 

Virtual  capture  and  restore  forVMware 

n/a 

June  2006 

Interlink  Group 

Microsoft  IT  services 

n/a 

June  2006 

Kashya 

Replication  and  protection 

$153M 

May  2006 

Authentica 

Security 

$75M 

May  2006 

Internosis 

Microsoft  IT  services 

n/a 

April  2006 

Captiva 

Document  capture 

$275M 

January  2006 

Acartus 

Content  management 

n/a 

December  2005 

Rainfinity 

Network-attached  storage  file-virtualization 

$100M 

October  2005 

Smarts 

Event  automation  and  real-time  management 

$260M 

August  2005 

Dantz  Software  Development 

Backup  and  recovery 

$50M 

February  2005 

Allocity 

Backup,  restore  and  provisioning  for  Microsoft  exchange 

$10M 

October  2004 

Astrum 

Storage  resource  management 

n/a 

October  2004 

VMware 

File  virtualization 

$635 M 

April  2004 

Documentum 

Content  management 

$1.7B 

January  2004 

Legato  Systems 

Backup  and  archiving 

$1.3B 
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1.  Think  like  a  Pirate. 

The  best  way  to  defeat  a  Pirate  is  to 
think  like  one.  After  a  few  days  of  grog- 
swilling  and  rigging-swinging,  you'll  be 
ready  to  take  them  on,  as  an  equal. 
If  nothing  else,  you'll  have  had  a  fun 
couple  of  days. 


2.  Walking  the  plank. 

Pirates  are  big  on  getting  their  victims  to  walk  the  proverbial  plank. 
Use  this  against  them.  Pose  as  a  plank  salesman;  pitch  a  new,  better 
plank.  Ask  them  to  "test  the  plank"  and,  once  they're  out  on  it,  reveal 
the  truth.  The  humiliation  might  just  get  them  to  leave. 


3.  Pay  them  off.  ^ 

Pirates  are  obsessed  with  booty, 
or  treasure.  A  supply  of  gold 
chocolate  coins  placed  in  a  bag 
or  chest  will  dazzle  them.  They'll 
want  to  bury  it  somewhere,  secretly, 
and  will  lose  whatever  interest  they 
had  in  you  in  the  first  place. 


4.  Use  your  skills  of  Beard-Fu. 
Beard-Fu  is  the  ancient  art  of  facial  hair 
combat.  Grab  and  pull  the  Pirate's  beard, 
yank  a  sideburn — if  done  properly,  it's 
the  deadliest  of  all  martial  arts.  Finding 
a  Beard-Fu  teacher  can  be 
hard  nowadays,  but  there's 
probably  a  Web  site. 


5.  Beat  them,  then  join  them. 
Life  as  a  high-seas  scalawag  might 
not  be  so  bad.  You'll  escape  your  cube, 
see  the  world,  pillage  and  plunder,  and 
have  a  grand  old  time.  Learn  to  dance 
a  jig,  wear  a  parrot  on  your  shoulder, 
and  you're  off. 


1.  Implement  Microsoft  Forefront. 


Forefront™  makes  defending  your  systems  easier.  It's  a 
simple-to-use,  integrated  family  of  client,  server,  and 
edge  security  products  (such  as  Forefront  Client  Security) 
that  helps  you  stay  ahead  of  your  security  threats  more 
easily  than  ever.  For  case  studies,  free  trials,  demos,  and 
all  the  latest  moves,  visit  easyeasier.com 
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He  long  view 


EMC  stock  peaked  at  more  than  $100  a  share  in  2000  and  then  plummeted  during  the  dot-com  crash.  Since  2002,  the  stock 
has  been  essentially  flat. 


1998 


1999  2000  2001  2002  2003  2004  2005  2006  2007 


Stock  surge 

In  the  past  year,  EMC  stock  has  doubled,  from  $9  a  share  to  $18. 


EMC 

continued  from  page  34 

minutes,” says  Bill  Fleming,  director  of  infrastructure  planning  at  APL. 

Profits 

Despite  the  fact  that  EMC  has  grown  to  become  an  $1 1  billion  tech¬ 
nology  giant  with  31,000  employees,  100  sales  offices  and  50  distri¬ 
bution  partners  worldwide,  the  company  has  been  getting  no  love 
from  Wall  Street. 

EMC  stock  has  bounced  around  in  a  narrow  band  between  $10  and 
$17  a  share  for  the  past  few  years,  and  shareholders  have  become 
restless.  After  all,  EMC  stock  had  been  a  high-flyer  in  the  1990s,  sky¬ 
rocketing  from  around  $10  a  share  in  January  1998  to  more  than  $100 
a  share  in  2000.  Then  came  the  dot-com  crash,  and  EMC  stock  has 
never  recovered. 

In  March,  the  country’s  largest  pension  fund  put  EMC  on  its  annual 
list  of  underperforming  stocks.  And  shareholders  have  complained 
that  EMC  spent  too  much  on  RSA. 

EMC  CEO  Joe  Tucci  in  March  acknowledged  that  the  company 
overspent  for  RSA,  which  he  says  was  valued  at  $1.6  billion  when  it 
was  acquired  —  $500  million  less  than  EMC  paid.  Tucci  added  that 
he  is  confident  that  the  RSA  acquisition  will  prove  itself  over  time. 

“Over  the  last  three  years,  their  stock  has  gone  nowhere.  In  2007, 
one  of  the  questions  will  be  how  will  they  grow  at  two  times  IT  budg¬ 
et  growth  in  light  of  analyst  reports  that  in  terms  of  the  macro  econ¬ 
omy,  there  are  cuts  in  IT  budgets. Those  are  the  questions  people  will 
look  to,”  Morgan  Keegan  analyst  Freed  says. 

Paul  Mansky,  an  analyst  at  Citigroup,  adds  that  investors  generally 
agree  with  EMC’s  acquisition  strategy  But  he  adds  that  its  perform¬ 
ance  has  lagged  behind  expectations. 

In  an  effort  to  boost  the  company  stock  price,  EMC  has  undertaken 
several  initiatives,  including  a  recent  recapitalization  and  staff  cuts  (a 
modest  reduction  of  around  1,100  people). 

Another  challenge  for  EMC  is  to  increase  employee  productivity. 
“Revenue  per  employee  actually  declined  about  2%  last  year,  while 
operating  expenses  per  employee  increased  by  about  6.5%,  which 
equates  an  8.5%  decline  in  employee  productivity.  Compare  this  to 
the  prior  two  years  in  which  the  delta  was  a  net  positive  2.4%  and 
1 .9%,  respectively”  Mansky  says. 

According  to  Lewis.it  will  take  a  combination  of  marketing  its  new 
technology  and  image, a  well-run  product  strategy  and  creative  finan¬ 
cial  management  to  spur  upward  movement  in  EMC’s  stock. 

“In  addition  to  continued  articulation  of  —  and  execution  against 


—  our  information-infrastructure  strategy,  which  the  industry  is 
embracing  nicely,  we  are  continually  evaluating  ways  to  unlock  value 
for  investors.  For  instance,  in  2006,  EMC  invested  approximately  $3.8 
billion  in  share  buybacks.  We  also  recently  announced  our  intent  to 
IPO  a  portion  of  VMware,”  Lewis  says. 

In  addition,  there  are  signs  that  EMC’s  bid  to  step  up  in  class  and 
compete  against  such  heavyweights  as  IBM  and  HP  is  starting  to 
show  results. 

EMC’s  stock  has  been  on  a  steady  upward  course  since  August,  dou¬ 
bling  from  a  low  of  $9.44  a  share  to  the  current  price  of  about  $18  a 
share.  (However,  as  bloggers  on  financial  messages  boards  are  quick  to 
point  out,  EMC  was  selling  at  $17  a  share  in  January  2002, so  a  $l-a-share 
increase  in  more  than  five  years  is  nothing  to  write  home  about.) 

The  latest  earnings  report  was  mostly  positive.  Information  storage 
kept  up  its  steady  growth  at  7.7%,  and  VMware  continues  to  lead  the 
way  at  95%  growth  over  2006,  but  content  management  and  archiving 
slumped  to  a  paltry  2.9%  increase.  Overall  revenues  were  up  16.6% 
for  the  first  quarter  of  2007. 

Analysts  are  predicting  that  the  upcoming  mini-IPO  of  10%  of 
VMware  might  help  to  jump-start  EMC’s  stock  price. 

Analysts  also  are  impressed  with  the  way  the  company  is  taking  a 
leadership  position  in  the  marketplace.“EMC  and  IBM  are  at  the  fore¬ 
front  of  bringing  infrastructure  management  together,  but  EMC  is 
forging  the  wayf  says  Joseph  Martins,  an  analyst  at  Data  Mobility 
Group  in  Nashua,  N.H. 

He  adds, “EMC  started  the  information-management  talk, and  they  con¬ 
tinue  to  bang  the  drum  louder. They’re  successfully  uniting  two  fields  in 
a  way  that’s  meaningful.  EMC  has  acquired  all  the  pieces,  and  they  have 
the  money  and  the  professional  services  to  make  it  work.” 

One  final  factor  in  EMC’s  favor  is  that  customers  remain  onboard. 
“Over  the  past  two  and  half  years,  they  have  already  proven  to  me 
that  their  quality  is  great  —  they’re  the  best  in  the  industry  when  it 
comes  to  large-scale  arrays,  and  we  love  their  support.  As  we  become 
more  aware  of  the  new  software  products  they’re  beginning  to  offer, 
we’ll  take  a  serious  look  at  them,”  says  Kenneth  Deans,  vice  president 
and  CIO  at  Bassett  Healthcare,  in  Cooperstown,  N.Y. 

He  adds,“l  think  with  the  growth  of  any  company  there  are  always  chal¬ 
lenges.  My  take  is  it’s  positive.  If  I  went  down  our  list  of  80  vendors,  they 
are  in  the  top  three  in  terms  of  quality  performance  and  service  now,  and 
they  will  remain  so  looking  down  the  road.They’ve  been  stellar  in  every 
way  As  long  as  they  can  continue  with  that,  I’m  happy 

Webster  is  a  freelance  writer  in  Rhode  Island.  He  can  be  reached  at 
john.  s.  webster@verizon.  net. 
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Oracle 

continued  from  page  12 

engineering  and  architecture  at 
Starwood  Hotels  and  Resorts 
Worldwide,  expects  his  organiza¬ 
tion  will  move  to  1  Ig  in  2008. The 
hotel  chain  runs  its  main  business 
on  the  HP-UX  operating  system  on 
top  of  Itanium-powered  comput¬ 
ers,  and  the  llg  beta  wasn’t  avail¬ 
able  on  that  platform.  “So,  we  will 
have  to  settle  for  the  production 
release  later  this  year  and  then  at 
least  six  months  of  testing  after 
that,”  he  wrote  in  an  e-mail. 
Starwood  uses  Oracle’s  database 
for  almost  all  of  its  business  pro¬ 
cesses,  including  reservations, 
check-in  and  out  processes,  and 
guest-loyalty  programs. 

He  singles  out  the  Database 
Replay  and  SQL  Performance 
Analyzer  features  as  giving  cus¬ 


tomers  “the  biggest  bang  for  the 
buck.”  Other  useful  features  in¬ 
clude  the  Transparent  Tablespace 
Encryption,  Virtual  Columns  and 
Partitioning  enhancements,  he 
added.  There  are  several  features 
he  would  like  to  see  in  1  lg,  includ¬ 
ing  the  ability  to  make  a  table 
space  read  only  when  there  are 
active  transactions  in  the  database 
on  different  tablespaces. 

Mike  Amble,  senior  vice  presi¬ 
dent  of  operations  and  engineer¬ 
ing  at  Fidelity  National  Informa¬ 
tion  Services,  sees  the  new  Fast 
Files  feature  useful  to  his  organi¬ 
zation.  The  company  provides 
technologies  to  financial  institu¬ 
tions  and  handles  mortgage  loan 
processing. 

“We  deal  with  a  lot  of  odd  forms 
of  information,”  he  says.  For  in¬ 
stance,  when  a  house  is  sold,  all 
the  documents  related  to  the  sale, 


including  appraisals  and  title  doc¬ 
uments,  are  sent  back  to  the  mort¬ 
gage  company  in  paper  form  and 
then  scanned  and  stored.  Fast 
Files  will  allow  users  to  store  large 
objects  such  as  images  in  the  llg 
database  as  fast  as  storing  such 
unstructured  information  in  tradi¬ 
tional  file  systems. 

Amble  hopes  to  migrate  his 
organization  over  to  llg  in  2008. 
“In  the  beta  testing,  we’ve  not 
found  a  lot  of  issues, it  should  be  a 
very  easy  transition,”  he  said.  One 
area  where  he’d  like  to  see  Oracle 
become  more  open  is  in  enabling 
the  management  of  multiple 
encryption  tools,  both  Oracle  and 
third-party  software. 

Andy  Mendelsohn,  senior  vice 
president  of  database  server  tech¬ 
nologies  at  Oracle,  says  the  com¬ 
pany  has  a  parallel  development 
project  under  way  to  work  on  1  lg 


Release  2.  One  area  not  men¬ 
tioned  in  the  listing  of  llg’s  new 
features  is  grid  computing;  that’s 
what  the  “g”  in  both  lOg  and  1  lg 
stands  for. 

Mendelsohn  confirmed  earlier 
reports  that  Oracle  won’t  be  rush¬ 
ing  to  bring  out  an  1  lg  update  for 
its  free  Express  Edition  (XE)  data¬ 
base.  The  new  version  will  likely 
come  with  1  lg  Release  2. 

Last  week  marked  the  official 
unveiling  of  Oracle’s  llg  data¬ 
base,  and  a  look  at  its  new  fea¬ 
tures,  pricing  and  availability  in¬ 
formation  was  not  available.  The 
vendor  would  confirm  only  that 
the  Linux  version  of  1  lg  will  ship 
this  quarter,  probably  in  August. 

Oracle  also  wouldn’t  comment 
on  when  llg  would  be  available 
for  the  other  operating  systems 
the  database  will  support,  includ¬ 
ing  Microsoft’s  Windows.  ■ 


Net  Buzz 

continued  from  page  42 

Emoticons  seem  to  engender  intense  vit¬ 
riol  in  some.  Has  any  of  that  ever  been  di¬ 
rected  at  you? 

Not  really  As  I  discuss  on  my  Web  page 
(www.nwdocfinder.com/9526) ,  some  people 
who  encounter  this  phenomenon  for  the  first 
time  tend  to  go  a  bit  crazy  for  a  while,  just  like 
people  who  discover  that  you  can  include 
multiple  colors  and  fancy  fonts  in  an  online 
document.They  generally  settle  down  after  a 
while,  but  until  they  do,  they  can  be  annoying 
to  those  of  us  who  have  been  using  this  stuff 
for  many  years  and  who  try  to  use  them  spar¬ 
ingly  —  and  also  to  those  writers  who  see  no 
need  for  smiley  faces  in  the  first  place. 

I  find  this  overuse  amusing,  but  some  peo¬ 
ple,  such  as  the  magician  and  TV  personality 
Penn  Jillette.are  more  inclined  toward  apo- 
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plexy  —  I  don’t  know  if  the  outrage  is  real  or 
feigned.  But  so  far  nobody  has  attacked  me  in 
person  for  spawning  this  idea,  and  most 
acquaintances  who  know  about  this  think  it’s 
kind  of  cool. 

I’m  so  disappointed  to  hear  that  about 
Penn  Jillette;  he’s  a  favorite  of  mine,  and  I 
always  considered  him  more  reasonable. 

Well,  it’s  his  job  to  be  outrageous,  opinion¬ 
ated  and  colorfully  obnoxious  —  not  rea¬ 
sonable.  I’ve  never  met  the  guy.  Perhaps  he’s 
a  nice  guy  in  person,  though  I  doubt  it  — 
but  I  do  find  him  interesting,  and  1  enjoy  his 
shows.  I  think  Teller  is  the  brains  of  the  out¬ 
fit,  and  (as  far  as  I  know)  he  has  never  said 
anything  nasty  about  smileys. :-) 

I’ve  never  taken  the  time  to  track  down  the 
exact  Jillette  quote,  but  I’ve  seen  lots  of  sec¬ 
ondhand  attributions  like  this:“Penn  Jillette 
[. . .]  recently  wrote  that  emoticons  are  ‘used 
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by  people  who  would  dot  their  i’s  with  little 
circles  and  should  have  their  eyes  dotted 
with  Drano.’”  If  that’s  how  he  feels  about  ran¬ 
dom  users,  I  shudder  to  think  what  he  would 
do  to  the  guy  who  started  this. 

On  a  happier  note,  Neal  Stephenson,  who  is 
currently  my  favorite  author  (Tm  about  three- 
quarters  of  the  way  through  his  3,000-page 
Baroque  Trilogy  —  brilliant  work!),  wrote  a 
magazine  piece  denouncing  emoticons  and 
their  users,  mentioning  me  by  name. 

A  couple  of  years  ago  he  visited  Carnegie 
Mellon  to  give  one  of  his  very  rare  public 
talks,  and  I  got  an  appointment  to  meet  with 
him.  We  had  a  great  conversation  —  not  awk¬ 
ward  after  the  first  30  seconds.  Later,  I  noticed 
that  he  had  posted  a  retraction  of  his  earlier 
opinion,  though  I’m  not  sure  if  that  was  a 
result  of  our  chat.  So,  for  me,  that  was  maybe 
the  most  fun  and  interesting  exchange  to 
come  from  all  this. 

Any  final  emoticon-ish  thoughts  that  you’d 
like  to  share? 

It  has  been  very  interesting  to  watch  the 
infectious  spread  of  the  smiley  face  and  the 
“turn  your  head  sideways”  principle  from  my 
first  message,  through  the  local  research  com¬ 
munity  on  to  other  universities,  and  then 
around  the  world  as  the  Internet  spread  into 
people’s  homes. 

Now,  25  years  later,  radio  signals  with  :-)  and 
:-(  should  be  passing  by  some  habitable  star 
systems.  But  even  if  there  is  intelligent  life  out 
there,  and  even  if  they  are  receiving  our  sig¬ 
nals,  what  will  they  make  of :-)  and  :-(? 

They  probably  don’t  have  faces. 

You  may  register  your  own  opinion  about 
emoticons  in  our  poll  at  www.nwdoc finder 
com/9527.  Or  write  to  me  at  buzz@nww.com. 
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Technology  for  the  people,  by  the  money 


Mark  Gibbs 


hen  it  comes  to  government  technology 
policy-making,  what  does  it  mean  to  be 
“American”?  You  might,  like  an  innocent 
child,  assume  it  means  the  government  sup¬ 
ports  open  competition  and  lets  the  market- 
BACKSPIN  place  identify  and  select  the  best  products  in 
the  interest  of  the  consumer.  But  you  would,  my 
friends,  be  wrong. 

The  problem  is  that  there  really  isn’t  a  truly 
open  market.  When  it  comes  to  technology  and  the  government  get¬ 
ting  involved,  America  is  another  banana  republic  where  the  biggest 
wallets  get  to  apply  the  most  political  pressure. 

Let  me  give  you  an  example:  HD  Radio.  In  2002  the  Federal 
Communications  Commission  selected  HD  Radio  as  the  official  U.S. 
digital  radio  system. This  was  an  interesting  decision  because  HD 
Radio  (the  “HD”  is  part  of  the  product’s  trademark  name  and  doesn’t 
stand  for  “High  Definition”  or  anything  else)  is  proprietary  to  iBiquity 
Digital  (www.nwdocfinder.com/9530). 

Even  more  telling  in  the  FCC’s  decision  was  competing  technologies 
—  Digital  Audio  Broadcasting  (www.nwdocfinder.com/9531)  and 
Digital  Radio  Mondiale  (www.nwdocfinder.com/9532)  —  which  are 
open  standards,  well-established,  ratified  by  the  International 
Telecommunication  Union  (in  1994  and  2001,  respectively)  and  better 
than  HD  Radio,  were  not  adopted. 

So  the  winning  technology  won’t  provide  U.S.  consumers  with  the 
greatest  choice,  foster  competition  or  encourage  innovation. The  FCC’s 
decision  makes  no  sense  if  the  agency  is  supposed  to  be  managing  a 
market  that  is  driven  by  competition  for  the  benefit  of  the  public. 

But  it’s  a  done  deal.  So  let’s  consider  another  example:  Software 
Defined  Radio  (SDR)  and  its  potential  offspring,  Cognitive  Radio  (CR). 


The  idea  behind  SDR  is  simple  —  use  digital  technology  to  make  a 
radio  that  can  be  configured  by  software  to  receive  almost  any  kind 
of  radio  transmission  (www.nwdocfinder.com/9533). Cognitive  Radio 
takes  the  idea  further  by  using  SDR  to  change  frequencies  and  modu¬ 
lations  dynamically  based  on  communications  conditions  (noise, 
interference,  etc.). 

The  fact  that  software  underlies  these  systems  in  theory  means  that 
anyone  can  create  code  to  do  the  job.  But  theory  and  reality  part 
company  at  the  point  where  the  FCC  decided  that  proprietary  solu¬ 
tions  are  preferable,  in  this  case,  to  open  source  solutions. 

A  new  federal  rule  (www.nwdocfinder.com/9534)  is  in  effect  that 
means  SDR  and  CR  systems  that  use  “open  source  elements”  will  find 
it  hard  to  get  FCC  approval  or  perhaps  will  be  excluded  altogether. 

The  FCC’s  reasoning  —  inexplicably  prompted  by  Cisco,  of  all  com¬ 
panies  —  is  that  manufacturers  should  not  use  open  source  software 
“if  doing  so  would  increase  the  risk  that . .  .security  measures  could 
be  defeated  or  otherwise  circumvented  to  allow  operation  . .  .of  the 
radio  in  a  manner  that  violates  the  Commission’s  rules.” 

This  means  that  what  the  FCC  and  Cisco  apparently  want  is  unhack- 
able  software  products!  As  Homer  Simpson  would  say“Du-oh!” 
Gentlemen, you  must  know  that  there  is  no  such  thing  and  anyone 
with  the  slightest  clue  will  tell  you  that  security  through  obscurity  has 
never  and  will  never  work.  Just  consider  how  quickly  the  iPhone’s 
“secret”  access  passwords  were  found! 

What  we  have  in  these  and  many  other  cases  is  proof  that  if  you 
want  to  know  why  a  dumb  policy  decision  was  made  just  follow 
the  money  These  days  it  appears  that  any  other  reason  would  be 
un-American. 

Send  your  comments  to  backspin@gibbs.com. 


Emoticon  turning  25:  Thank  this  guy :-) 


hen  the  emoticon  —  known  by  some 
as  the  “smiley  face” —  turns  25  years 
old  on  Sept.  19,  the  man  recognized  as 
having  typed  the  first  one  intends  to  mark  the 
occasion  with  a  cookie. 

In  the  meantime,  Carnegie  Mellon  comput- 
NETBUZZ  er  science  professor  Scott  Fahlman  will 

News  Insights  oddities  brace  for  the  inevitable  Parade  of  Press 
B—| inquiries,  entreaties  from  emoticon  enthusi¬ 
asts  and  brickbats  from  emoticon  critics, 
most  notable  of  whom  (to  Fahlman,  at  least)  is  the  entertainer 
Penn  Jillette.  The  anniversary  already  has  inspired  an  emoticon 
contest  at  Yahoo. 

I  recently  had  a  pleasant  e-mail  chat  with  Fahlman  in  which  he 
speaks  of  how  his  “invention”  has  brought  him  fame,  not  a  red  cent, 
and  a  meeting  with  his  favorite  author,  Neal  Stephenson,  who  in  a  1993 
essay  eviscerated  emoticonists,  including  Fahlman,  only  to  retract  that 
assessment  a  decade  later.  What  follows  is  an  edited  transcript  of  my 
chat  with  the  Father  of  the  Emoticon: 


For  some  people,  making  up  really  complex  smileys  is  a  sort  of 
hobby  —  you  know,  things  like  “Uncle  Sam,  Santa  Claus,  and  the 
Pope  being  eaten  by  a  python” —  but  I’ve  never  been  into  that  and 
never  use  these.  If  you  have  to  explain  what  the  thing  is,  it’s  not  really 
helping  with  your  communication  —  at  least,  not  in  the  same  way 

Are  you  going  to  celebrate  the  25th  anniversaiy  in  some  fashion? 

I  think  we’ll  have  a  little  local  party  for  the  Carnegie  Mellon  com¬ 
puter  science  community. There’s  a  local  restaurant  chain,  Eat  ‘n 
Park,  that  (by  pure  coincidence)  is  famous  for  their  round  smiley- 
face  cookies.  For  a  few  dollars  extra,  they  are  willing  to  make  me  up 
a  special  batch  of  these  with  the  face  drawn  on  sideways. :-)  So  we’ll 
probably  serve  a  bunch  of  those. 

We  thought  briefly  about  having  some  sort  of  symposium  to  mark 
the  occasion,  inviting  a  lot  of  experts  on  online  communication  and 
semiotics  and  the  history  of  writing  systems.That  would  be  fun,  but  I 
didn’t  want  to  spend  the  time  to  make  this  happen  —  I’m  trying  to 
focus  on  my  own  research  in  artificial  intelligence.  [Fahlman  leads  the 
DARPA-funded  RADAR  project.] 


Hi  Scott: ...  Do  you  ever  get  tired  of  these  interviews? :-) 

Yes,  but  our  university  public  relations  people  love  them,  and  I’m 
happy  enough  to  go  along.  It’s  a  weird  thing  to  be  famous  for,  but  it’s 
nice  to  be  famous  for  something. 

Do  you  use  emoticons?  If  so,  when? 

Yes,  I  use  the  two  that  I  invented, :-)  and  :-(  ,  in  e-mail  messages,  plus 
occasionally  a  couple  of  others, such  as  the  winky  face,;-). I  don’t  like 
the  noseless  variants, :)  and  :(.  1  think  they  look  like  frogs,  though  1 
might  prefer  them  if  I  did  a  lot  of  text  messaging  on  a  cell  phone  — 
one  less  character  to  type  the  hard  way. 


I’m  guessing  you  never  turned  a  buck  off  of  your  “invention”  (cor¬ 
rect  me  if  I’m  wrong).  How  do  you  feel  about  that  today,  when  so 
many  make  so  much  off  so  little? 

No,  I  never  made  any  money  off  of  this,  and  never  tried  to.  It’s  my 
little  gift  to  the  world.  Anyway,  I  don’t  see  any  way  to  make  nontrivial 
money  from  this.  If  there  were  some  practical  way  in  which  I  could 
charge  people  a  few  cents  every  time  they  used  these  symbols, 
nobody  would  use  them.  As  far  as  I  know  nobody  else  has  made  any 
serious  money  from  this  idea  either,  so  I  don’t  have  to  feel  regret. 

See  Net  Buzz,  page  41 
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The  HP  BladeSystem  c-Class,  featuring 
efficient  Dual-Core  AMD  Opteron™ 
processors,  helps  free  I.T.  from  the  cycle 
of  server  management.  It's  equipped 
with  HP's  exclusive  Insight  Control 
Linux  Edition,  a  comprehensive  blade 
management  and  deployment  package  built  specifically 
for  Linux.  Manage  multiple  servers  and  infrastructures  while 
automating  routine  tasks,  giving  you  more  time  to  spend 
on  the  tasks  that  really  drive  your  business. 


Download  the  IDC  White  Paper  "Better  Together:  Blades,  Linux  and  Insight  Control 

Call  1-866-625-1013 

Visit  www.hp.com/go/breakthecycle71 


Linux  is  a  U.S.  registered  trademark  of  Linus  Torvalds.  AMD,  the  AMD  Arrow  logo,  AMD  Opteron,  and  combinations  thereof  are  trademarks  of  Advanced  Micro  Devices,  Inc.  The  information  contained  herein  is  subject  to  change  without  notice. 
©  2007  Hewlett-Packard  Development  Company,  L.P. 


IP 


V  0\  \  s  v  s' 

'  \  ■  \  \  \  \\\  s 

-v  •  v  \  .  \  \  S 

L‘r\  V  V  V  Jmk 


tA 


t  r  r  /  /  f  /  '  f 

/  /  /  f  /  '  •  t 

d  ,,//>/■'/ ' 


,M;\ 


MULTIPLY  MOBILE  SECURITY 
AND  MAXIMIZE  CONFIDENCE. 


/ 


INTRODUCING  NEW  INTEL®  CENTRINO'  PRO  PROCESSOR  TECHNOl^C 
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